| 基于行为语义分析的Web恶意代码检测机制研究 |
| |
| 引用本文: | 李道丰,黄凡玲,刘水祥,黄安妮.基于行为语义分析的Web恶意代码检测机制研究[J].计算机科学,2016,43(8):110-113. |
| |
| 作者姓名: | 李道丰 黄凡玲 刘水祥 黄安妮 |
| |
| 作者单位: | 广西大学计算机与电子信息学院 南宁530004;广西高校并行分布式计算技术重点实验室 南宁530004,清华大学软件学院 北京100084,中南大学软件学院 长沙410075,广西大学计算机与电子信息学院 南宁530004;广西高校并行分布式计算技术重点实验室 南宁530004 |
| |
| 基金项目: | 本文受国家自然科学基金(61362010),广西自然科学基金项目(2012GXNSFAA053217),广西教育厅科研基金(YB2014008),广西研究生教育创新计划资助 |
| |
| 摘 要: | 在Web安全问题的研究中,如何提高Web恶意代码的检测效率一直是Web恶意代码检测方法研究中需要解决的问题。为此,针对跨站脚本漏洞、ActiveX控件漏洞和Web Shellcode方面的检测,提出一种基于行为语义分析的Web恶意代码检测机制。通过对上述漏洞的行为和语义进行分析,提取行为特征,构建Web客户端脚本解析引擎和Web Shellcode检测引擎,实现对跨站脚本漏洞、ActiveX控件漏洞和Web Shellcode等的正确检测,以及对Web Shellcode攻击行为进行取证的功能。实验分析结果表明,新的Web恶意代码检测机制具有检测能力强、漏检率低的性能。
|
| 关 键 词: | 网页恶意代码 客户端攻击 检测 行为语义分析 |
| 收稿时间: | 2015/7/14 0:00:00 |
| 修稿时间: | 2015/11/9 0:00:00 |
Study on Web-based Malware Detection Mechanism Based on Behavior and Semantic Analysis |
| |
| LI Dao-feng,HUANG Fan-ling,LIU Shui-xiang and HUANG An-ni.Study on Web-based Malware Detection Mechanism Based on Behavior and Semantic Analysis[J].Computer Science,2016,43(8):110-113. |
| |
| Authors: | LI Dao-feng HUANG Fan-ling LIU Shui-xiang and HUANG An-ni |
| |
| Affiliation: | School of Computer and Electronic Information,Guangxi University,Nanning 530004,China;Guangxi Colleges and University Key Laboratory of Parallel and Distributed Computing Technology,Nanning 530004,China,School of Software,Tsinghua University,Beijing 100084,China,School of Software,Central South University,Changsha 410075,China and School of Computer and Electronic Information,Guangxi University,Nanning 530004,China;Guangxi Colleges and University Key Laboratory of Parallel and Distributed Computing Technology,Nanning 530004,China |
| |
| Abstract: | How to improve the detection efficiency of Web malicious code has always been a problem to be solved in the research of Web security issues.A detection mechanism for Web-based malware based on behavior and semantic analysis was proposed to detect vulnerabilities in XSS,ActiveX controls and Web Shellcode in our paper.Behavioral characteristics was extracted and the detection engine was built to realize the correct detection of vulnerabilities in XSS,ActiveX controls and Web Shellcode,and the forensics of Shellcode attacks.Experimental results show that the perfor-mance of the new detection mechanism for Web-based malware has stronger detection ability and lower missing rate. |
| |
| Keywords: | Web-based malware Client attack Detection Behavior and semantic analysis |
|
|
点击此处可从《计算机科学》下载全文 |
|
