Throwing a MonkeyWrench into Web Attackers Plans

9 years 5 months ago
Throwing a MonkeyWrench into Web Attackers Plans
Abstract. Client-based attacks on internet users with malicious web pages represent a serious and rising threat. Internet Browsers with enabled active content technologies such as JavaScript are vulnerable to so-called drive-by downloads. Drive-by downloads are able to automatically infect a victim's system during a single visit of a crafted web page testing various vulnerabilities and installing e.g. malware files or illegal content without user interaction. In this paper we present MonkeyWrench, a low-interaction web-honeyclient allowing automatic identification of malicious web pages by performing static analysis of the HTML-objects in a web page as well as dynamic analysis of scripts by execution in an emulated browser environment. Using this hybrid approach MonkeyWrench overcomes shortcomings of existing low-interaction web-honeyclients in dealing with obfuscated JavaScript while outperforming high-interaction systems. Further MonkeyWrench is able to identify the exact vulner...
Armin Büscher, Michael Meier, Ralf Benzmü
Added 06 Dec 2010
Updated 06 Dec 2010
Type Conference
Year 2010
Where CMS
Authors Armin Büscher, Michael Meier, Ralf Benzmüller
Comments (0)