Abstract
Drive-by downloads attack has become the primary attack vehicle for malware distribution in recent years. One existing method of detecting drive-by download attacks is using static analysis technique. However, static detection methods are vulnerable to sophisticated obfuscation and cloaking. Dynamic detection methods are proposed to overcome the shortcomings of static analysis techniques and can get a higher detection rate. But dynamic anomaly detection methods are typically resource intensive and introduce high time overhead. To improve performance of dynamic detection techniques, we designed SafeBrowingCloud, a system based on apache S4, a distributed computing platform. And the system is deployed at edge router. SafeBrowingCloud analyzes network traffic, executes webpages in firefox with modified javascript engine, abstracts javascript strings and detects shellcode with three shellcode detection methods to find malicious web pages. Experimental results show efficiency of the proposed system with the high-speed network traffic.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.