Abstract

The number of client-side attacks is increasing day by day. These attacks are launched using various methods such as phishing, drive-by downloads, click fraud, social engineering, scareware, and ransomware. To gain more advantage with less effort and time, attackers focus on clients rather than servers, which are more secure than clients. This makes clients an easy target for attackers on the Internet. The security community has created a number of systems and tools with various functions for detecting client-side attacks. The discovery of malicious servers that launch client-side attacks falls into two types: first, passive detection, which is often signature based; second, active detection, often with dynamic malware analysis. Current systems and tools focus more on identifying malicious servers than on protecting clients from those malicious servers. In this paper, we propose a solution for the detection and prevention of malicious servers that uses the Bro Intrusion Detection System (IDS) and VirusTotal API 2.0. The detected malicious link is then blocked at the gateway.

Highlights

  • As Internet usage has increased in the current era (online shopping, booking rides, freelancing for clients), the number of client-side attacks has increased, so cybersecurity has emerged as a challenging task

  • A large number of malicious servers on the Internet forms the foundation for cybercriminals and the underground market which is known as the dark web

  • Among the well-known client-side attacks described is the Cross-Site Script attack: in a Cross-Site Script (XSS) attack [3], attackers execute malicious code on a legitimate website or application to carry out a client-side attack


Summary

INTRODUCTION

As Internet usage has increased in the current era (online shopping, booking rides, freelancing for clients), the number of client-side attacks has increased, so cybersecurity has emerged as a challenging task. Different kinds of attacks, such as web-based attacks, phishing, spam, click fraud, and scareware/ransomware, commonly target client machines on the Internet. These sorts of malicious activities are carried out by attackers through drive-by download approaches. A large number of malicious servers on the Internet forms the foundation for cybercriminals and the underground market which is known as the dark web. This work uses passive and active detection approaches for the detection and prevention of malicious servers. Some tools use passive detection to block blacklisted Internet Protocol (IP) addresses.

OVERVIEW OF CLIENT-SIDE ATTACKS
SQL Injection
Client Side Exploits
Phishing
Ransomware
PROPOSED METHODOLOGY
Cuckoo Sandbox
Gateway and Cache Engine
Bro IDS
Proposed Solution
EXPERIMENTS AND RESULTS
Malicious Server Detection Flow
Client-Side Attacks
Weaponized Attacks
Drive-by-Downloads
Repository of Malware Samples
Detection of Malicious Servers
Client Accessing URL
CONCLUSION
