Validation of Web Alteration Detection using Link Change State in Web Page
Size: px
Start display at page:

Download "Validation of Web Alteration Detection using Link Change State in Web Page"

Transcription

1 Web m-shouta@uec.ac.jp,zetaka@computer.org Web Web URL Web Alexa Top 100 Web Validation of Web Alteration Detection using Link Change State in Web Page Shouta Mochizuki Tetsuji Takada The University of Electro-Communications Chofugaoka, Chofu, Tokyo , JAPAN m-shouta@uec.ac.jp, zetaka@computer.org Abstract There are attacks targeted viewers by difficult Web page judgment of alteration. We have proposed a Web alteration detection method that focuses on the time change of the link URL in the Web page. However, it is untested for alteration detection capability of the proposed method. In this paper, in order to verify the effectiveness of the proposed method, we have an evaluation experiment targeted a Web page that collected the Alexa Top 100 as a starting point. Based on the experiment result, we discuss the effectiveness and future works of the proposed method. 1 Web 1 Drive-by Download Web ( ) () Drive-by Download ( Google Safe Browsing[2]) Web Web Web Web

2 URL client honeypot Drive-by Download [3, 6, 5] Drive-by Download Drive-by Download Drive-by Download honeyclient / Web Drive-by Download Web iframe script Web DOM URL DOM URL Web Web Alexa[9] Web URL Web URL Stokes [5] WebCop ( ) WebCop 400, ,000 WebCop Web Web 2.2 Web Web Kevin [7] -- Web 2 DOM JavaScript DOM JavaScript [8] FCDBD FCDBD Drive-by Download Web 1 Web Web Web Web Web Web

3 1: Google Chrome DOM URL Web Web script iframe URL DOM URL URL URL URL URL URL URL Web Web Web

4 2: 3: URL URL URL URL Web URL URL URL Web Web 1. Web URL 2. Web VirusTotal 1 Web URL Web Alexa[9] Web Top 100 Web 100Web HTML HTML a href URL Top 100 URL URL 2 Web Web Web URLs Web 2 Web URL URL URL Web Web 1 URL Web URL URL ( 1 ) Google Chrome Web Web Web Web Web DOM DOM 7 (, URL)

5 a, img, script, iframe, frame, form, param 7 ( 4 ) Web URL Web URL Web 2 version Web 2 version or Web URL VirusTotal clean site not clean site clean VirusTotal URL clean site unrated site not clean site URL ( / ) (clean site/not clean site) Web URL URL VirusTotal clean site not clean site URL Web URL 1 not clean site Web 4.2 4: 3 1 Web ( / ) (clean site/not clean site) 2 URL Web 4149 URLs(33.4%) Web URL VirusTotal 1635 URLs 2514 URLs ( 4 ) clean site False positive Alexa Top 100 Web 1 URL Web Web Web Web Alexa

6 1: VirusTotal clean site 8172 URLs 66.5% 4114 URLs 33.5% URLs not clean site 93 URLs 72.7% 35 URLs 27.3% 128 URLs 8265 URLs 66.6% 4149 URLs 33.4% URLs 2: clean site 4114 URLs 2241 URLs 54.5% Web Web Web Web Web Web 1 URL Alexa Top 100 Web Web Web Web 5.2 False positive False positive Web URLs Web False positive False positve URL Web False positive Adblock Plus[10] % False positive Drive-by Download Provos [3] Driveby Download Drive-by Download False positive Web

7 Web a Web Web a img URL Web a img SQL href src JavaScript 2 a img a img a Web a a a title 5.3 False negative Web version Web Web Web False negative Web Web URL Web Web Web URL Web Web Web Web Web Web Web Web Web Web URL URL URL SNS URL URL URL URL Web URL URL

8 URL Web Web URL URL 6 Drive-by Download Web Web Web URL Web Alexa Top 100 Web URLs Web 2514 URLs a [1] Web 2014 CSS [2] Google Safe Browsing API, safe-browsing/, December 2014 [3] N. Provos, P. Mavrommatis, M. A. Rajab and F. Monrose All Your iframes Point to Us, Proc. of the 17th USENIX Security Symposium, pp. 115, [4] Marco Cova, Christopher Kruegel, and Giovanni Vigna Detection and analysis of drive-by-download attacks and malicious javascript code. Proc of the 19th International Conference on World Wide Web, WWW 10, pages , 2010 [5] J. W. Stokes, R. Andersen, C. Seifert and K.Chellapilla WebCop: Locating Neighborhoods of Malware on the Web, Proc. 3rd USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET 2010), 2010 [6] J. Zhang, C. Seifert, J. W. Stokes and W. Lee ARROW: GenerAting SignatuRes to Detect DRive-By DOWnloads, Proc. 20th International World Wide Web Conference(WWW2011), 2011 [7] Kevin Borgolte Christopher Kruegel Giovanni Vigna Automatic Identification of Unknown Web-based Infection Campaigns Proc. of the 2013 ACM SIGSAC conference on Computer & communications security 2013 [8] Drive-by Download Web CSEC 2015-CSEC-68 Vol 2015 No [9] Alexa: Actionable Analytics for the Web < ) [10] Adblock Plus <https: //adblockplus.org/> [11] VirusTotal < virustotal.com/> [12] IPA! < ipa.go.jp/files/ pdf>

Similar documents

[Rajebhosale*, 5(4): April, 2016] ISSN: (I2OR), Publication Impact Factor: 3.785

[Rajebhosale*, 5(4): April, 2016] ISSN: (I2OR), Publication Impact Factor: 3.785 IJESRT INTERNATIONAL JOURNAL OF ENGINEERING SCIENCES & RESEARCH TECHNOLOGY A FILTER FOR ANALYSIS AND DETECTION OF MALICIOUS WEB PAGES Prof. SagarRajebhosale*, Mr.Abhimanyu Bhor, Ms.Tejashree Desai, Ms.

More information

Security Analysis of Top Visited Arabic Web Sites

Security Analysis of Top Visited Arabic Web Sites Security Analysis of Top Visited Arabic Web Sites Abdulrahman Alarifi, Mansour Alsaleh Computer Research Institute, King Abdulaziz City for and Technology, Riyadh, KSA {aarifi, maalsaleh}@kacst.edu.sa

More information

Identification of Malicious Web Pages with Static Heuristics

Identification of Malicious Web Pages with Static Heuristics Identification of Malicious Web Pages with Static Heuristics Christian Seifert, Ian Welch, Peter Komisarczuk Victoria University of Wellington P. O. Box 600 Wellington 6140, New Zealand Email: {cseifert,ian,peterk}@mcs.vuw.ac.nz

More information

Regular Paper Classification Method of Unknown Web Sites Based on Distribution Information of Malicious IP addresses

Regular Paper Classification Method of Unknown Web Sites Based on Distribution Information of Malicious IP addresses International Journal of Informatics Society, VOL.10, NO.1 (2018) 41-50 41 Regular Paper Classification Method of Unknown Web Sites Based on Distribution Information of Malicious IP addresses Shihori Kanazawa

More information

ROSAEC Survey Workshop SELab. Soohyun Baik

ROSAEC Survey Workshop SELab. Soohyun Baik ROSAEC Survey Workshop SELab. Soohyun Baik Cross-Site Scripting Prevention with Dynamic Data Tainting and Static Analysis Philipp Vogt, Florian Nentwich, Nenad Jovanovic, Engin Kirda, Christopher Kruegel,

More information

Detection of Cross Site Scripting Attack and Malicious Obfuscated Javascript Code

Detection of Cross Site Scripting Attack and Malicious Obfuscated Javascript Code International Journal of Engineering Research in Computer Science and Engineering Detection of Cross Site Scripting Attack and Malicious Obfuscated Javascript Code [1] Vrushali S. Bari [2] Prof. Nitin

More information

Content Security Policy

Content Security Policy Content Security Policy And mitigating Cross-site Scripting vulnerabilities Joseph Fields M.Sc Computer Science - December 2016 Introduction HTML and Javascript power billions of websites visited daily

More information

Detecting Drive-by-Download Attacks based on HTTP Context-Types Ryo Kiire, Shigeki Goto Waseda University

Detecting Drive-by-Download Attacks based on HTTP Context-Types Ryo Kiire, Shigeki Goto Waseda University Detecting Drive-by-Download Attacks based on HTTP Context-Types Ryo Kiire, Shigeki Goto Waseda University 1 Outline Background Related Work Purpose Method Experiment Results Conclusion & Future Work 2

More information

Automatic Detection of Access Control Vulnerabilities in Web Applications by URL Crawling and Forced Browsing

Automatic Detection of Access Control Vulnerabilities in Web Applications by URL Crawling and Forced Browsing Automatic Detection of Access Control Vulnerabilities in Web Applications by URL Crawling and Forced Browsing Ho-Gil Song 1,2, Yukyong Kim 2 and Kyung-Goo Doh 2 1 SureSoft Technologies, Inc., Seoul, Korea

More information

OWASP AppSec Research The OWASP Foundation New Insights into Clickjacking

OWASP AppSec Research The OWASP Foundation New Insights into Clickjacking New Insights into Clickjacking Marco `embyte` Balduzzi iseclab @ EURECOM embyte@iseclab.org AppSec Research 2010 Joint work with Egele, Kirda, Balzarotti and Kruegel Copyright The Foundation Permission

More information

You Are Being Watched Analysis of JavaScript-Based Trackers

You Are Being Watched Analysis of JavaScript-Based Trackers You Are Being Watched Analysis of JavaScript-Based Trackers Rohit Mehra IIIT-Delhi rohit1376@iiitd.ac.in Shobhita Saxena IIIT-Delhi shobhita1315@iiitd.ac.in Vaishali Garg IIIT-Delhi vaishali1318@iiitd.ac.in

More information

The Most Dangerous Code in the Browser. Stefan Heule, Devon Rifkin, Alejandro Russo, Deian Stefan

The Most Dangerous Code in the Browser. Stefan Heule, Devon Rifkin, Alejandro Russo, Deian Stefan The Most Dangerous Code in the Browser Stefan Heule, Devon Rifkin, Alejandro Russo, Deian Stefan Modern web experience Modern web experience Modern web experience Web apps Extensions NYTimes Chase AdBlock

More information

Atomizer: Fast, Scalable and Lightweight Heap Analyzer for Virtual Machines in a Cloud Environment

Atomizer: Fast, Scalable and Lightweight Heap Analyzer for Virtual Machines in a Cloud Environment Atomizer: Fast, Scalable and Lightweight Heap Analyzer for Virtual Machines in a Cloud Environment Salman Javaid Aleksandar Zoranic Irfan Ahmed Golden G. Richard III University of New Orleans Greater New

More information

s642 web security computer security adam everspaugh

s642 web security computer security adam everspaugh s642 computer security web security adam everspaugh ace@cs.wisc.edu review memory protections / data execution prevention / address space layout randomization / stack protector Sandboxing / Limit damage

More information

Uniform Resource Locators (URL)

Uniform Resource Locators (URL) The World Wide Web Web Web site consists of simply of pages of text and images A web pages are render by a web browser Retrieving a webpage online: Client open a web browser on the local machine The web

More information

X-Secure: protecting users from big bad wolves

X-Secure: protecting users from big bad wolves Abertay University From the SelectedWorks of xavier bellekens Summer October, 2016 X-Secure: protecting users from big bad wolves xavier bellekens, Abertay University Available at: https://works.bepress.com/xavier-bellekens/9/

More information

FREE ONLINE WEBSITE MALWARE SCANNER WEBSITE SECURITY

FREE ONLINE WEBSITE MALWARE SCANNER WEBSITE SECURITY PDF 11 AWESOME TOOLS FOR WEBSITE MALWARE SCANNING FREE ONLINE WEBSITE SECURITY 1 / 5 2 / 5 3 / 5 website malware scanner pdf Qualys Malware Detection helps you to scan continuously for malware against

More information

Author: Tonny Rabjerg Version: Company Presentation WSF 4.0 WSF 4.0

Author: Tonny Rabjerg Version: Company Presentation WSF 4.0 WSF 4.0 Author: Tonny Rabjerg Version: 20150730 Company Presentation WSF 4.0 WSF 4.0 Cybercrime is a growth industry. The returns are great, and the risks are low. We estimate that the likely annual cost to the

More information

Finding the Linchpins of the Dark Web: A Study on Topologically Dedicated Hosts on Malicious Web Infrastructures

Finding the Linchpins of the Dark Web: A Study on Topologically Dedicated Hosts on Malicious Web Infrastructures Finding the Linchpins of the Dark Web: A Study on Topologically Dedicated Hosts on Malicious Web Infrastructures Zhou Li, Indiana University Bloomington Sumayah Alrwais, Indiana University Bloomington

More information

Finding Vulnerabilities in Web Applications

Finding Vulnerabilities in Web Applications Finding Vulnerabilities in Web Applications Christopher Kruegel, Technical University Vienna Evolving Networks, Evolving Threats The past few years have witnessed a significant increase in the number of

More information

SEO Authority Score: 40.0%

SEO Authority Score: 40.0% SEO Authority Score: 40.0% The authority of a Web is defined by the external factors that affect its ranking in search engines. Improving the factors that determine the authority of a domain takes time

More information

How Tracking Companies Circumvented Ad Blockers Using WebSockets

How Tracking Companies Circumvented Ad Blockers Using WebSockets How Tracking Companies Circumvented Ad Blockers Using WebSockets Muhammad Ahmad Bashir, Sajjad Arshad, Engin Kirda, William Robertson, Christo Wilson Northeastern University Online Tracking 2 Online Tracking

More information

Next Generation Enduser Protection

Next Generation Enduser Protection Next Generation Enduser Protection Janne Timisjärvi Systems Engineer 10.5.2017 What is the the real threat? Encrypted! Give me all your Bitcoin$ Let s check if there Is something of value The Evolution

More information

How Tracking Companies Circumvented Ad Blockers Using WebSockets

How Tracking Companies Circumvented Ad Blockers Using WebSockets How Tracking Companies Circumvented Ad Blockers Using WebSockets Muhammad Ahmad Bashir, Sajjad Arshad, Engin Kirda, William Robertson, Christo Wilson Northeastern University Online Tracking 2 Online Tracking

More information

Annoyed Users: Ads and Ad-Block Usage in the Wild

Annoyed Users: Ads and Ad-Block Usage in the Wild Annoyed Users: Ads and Ad-Block Usage in the Wild Enric Pujol TU Berlin Oliver Hohlfeld RWTH Aachen Anja Feldmann TU Berlin IMC 15 Tokyo, Japan 2 http://www.journalism.org/2015/04/29/digital-news-revenue-fact-sheet

More information

Hybrid Obfuscated Javascript Strength Analysis System for Detection of Malicious Websites

Hybrid Obfuscated Javascript Strength Analysis System for Detection of Malicious Websites Hybrid Obfuscated Javascript Strength Analysis System for Detection of Malicious Websites R. Krishnaveni, C. Chellappan, and R. Dhanalakshmi Department of Computer Science & Engineering, Anna University,

More information

WEB SECURITY WORKSHOP TEXSAW Presented by Solomon Boyd and Jiayang Wang

WEB SECURITY WORKSHOP TEXSAW Presented by Solomon Boyd and Jiayang Wang WEB SECURITY WORKSHOP TEXSAW 2014 Presented by Solomon Boyd and Jiayang Wang Introduction and Background Targets Web Applications Web Pages Databases Goals Steal data Gain access to system Bypass authentication

More information

Testing login process security of websites. Benjamin Krumnow

Testing login process security of websites. Benjamin Krumnow Testing login process security of websites Benjamin Krumnow Benjamin Krumnow 2 Initial Project: Shepherd Marc Sleegers, B.Sc., master student at the Open University Bachelor Thesis, March 2017 [1] Counting

More information

ID: Sample Name: dronefly.apk Cookbook: default.jbs Time: 10:24:54 Date: 07/06/2018 Version:

ID: Sample Name: dronefly.apk Cookbook: default.jbs Time: 10:24:54 Date: 07/06/2018 Version: ID: 001 Sample Name: dronefly.apk Cookbook: default.jbs Time: 10:24:4 Date: 0/0/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence

More information

INTRODUCING SOPHOS INTERCEPT X

INTRODUCING SOPHOS INTERCEPT X INTRODUCING SOPHOS INTERCEPT X Matt Cooke Senior Product Marketing Manager November 2016 A Leader in Endpoint Security Sophos delivers the most enterprise-friendly SaaS endpoint security suite. Sophos

More information

LECT 8 WEB SECURITY BROWSER SECURITY. Repetition Lect 7. WEB Security

LECT 8 WEB SECURITY BROWSER SECURITY. Repetition Lect 7. WEB Security Repetition Lect 7 LECT 8 WEB SECURITY Access control Runtime protection Trusted computing Java as basic model for signed code Trusted Computing Group TPM ARM TrustZone Mobile Network security GSM security

More information

Prevention Of Cross-Site Scripting Attacks (XSS) On Web Applications In The Client Side

Prevention Of Cross-Site Scripting Attacks (XSS) On Web Applications In The Client Side www.ijcsi.org 650 Prevention Of Cross-Site Scripting Attacks (XSS) On Web Applications In The Client Side S.SHALINI 1, S.USHA 2 1 Department of Computer and Communication, Sri Sairam Engineering College,

More information

Match the attack to its description:

Match the attack to its description: Match the attack to its description: 8 7 5 6 4 2 3 1 Attacks: Using Components with Known Vulnerabilities Missing Function Level Access Control Sensitive Data Exposure Security Misconfiguration Insecure

More information

WHY CSRF WORKS. Implicit authentication by Web browsers

WHY CSRF WORKS. Implicit authentication by Web browsers WHY CSRF WORKS To explain the root causes of, and solutions to CSRF attacks, I need to share with you the two broad types of authentication mechanisms used by Web applications: 1. Implicit authentication

More information

CLOUD STRIFE. Mitigating the Security Risks of Domain-Validated Certificates

CLOUD STRIFE. Mitigating the Security Risks of Domain-Validated Certificates CLOUD STRIFE Mitigating the Security Risks of Domain-Validated Certificates Kevin Borgolte Tobias Fiebig Shuang Hao Christopher Kruegel Giovanni Vigna kevinbo@cs.ucsb.edu t.fiebig@tudelft.nl shao@utdallas.edu

More information

The Evolution of Chrome Security Architecture. Huan Ren Director, Qihoo 360 Technology Ltd

The Evolution of Chrome Security Architecture. Huan Ren Director, Qihoo 360 Technology Ltd The Evolution of Chrome Security Architecture Huan Ren Director, Qihoo 360 Technology Ltd Today s Chrome Architecture Browser GPU Sandbox Policy Renderer Extension Plug In History Initial version: multi-process,

More information

Detecting XSS Based Web Application Vulnerabilities

Detecting XSS Based Web Application Vulnerabilities Detecting XSS Based Web Application Vulnerabilities M.S.Jasmine M.Tech (ISCF).Student, Department of Information Technology SRM University, TamilNadu,India jasmine.srakj@gmail.com Kirthiga Devi Assistant

More information

Technical Brochure F-SECURE THREAT SHIELD

Technical Brochure F-SECURE THREAT SHIELD Technical Brochure F-SECURE THREAT SHIELD F-SECURE THREATSHIELD F-Secure ThreatShield is a gateway-level security solution for protecting email and web traffic, with built-in network sandboxing technology.

More information

Flash Ads. Tracking Clicks with Flash Clicks using the ClickTAG

Flash Ads. Tracking Clicks with Flash Clicks using the ClickTAG How-to Guide to Displaying and Tracking Rich-Media/Flash Ads Image advertising varies from standard GIF, JPG, PNG to more interactive ad technologies such as Flash, or rich-media (HTML Ads). Ad Peeps can

More information

Feature. Persistent Cross-interface Attacks

Feature. Persistent Cross-interface Attacks Feature Aditya K. Sood is a security researcher and doctoral candidate at Michigan State University (USA) and has worked in the security domain for Armorize, COSEINC and KPMG. Sood is a founder of SecNiche

More information

Identification and Defense Mechanisms for XSS Attack

Identification and Defense Mechanisms for XSS Attack Identification and Defense Mechanisms for XSS Attack Nency Patel Department of Computer Engineering D.J.Sanghavi College of engineering Mumbai, India Narendra Shekokar Department of Computer Engineering

More information

Detecting Malicious Web Links and Identifying Their Attack Types

Detecting Malicious Web Links and Identifying Their Attack Types Detecting Malicious Web Links and Identifying Their Attack Types Anti-Spam Team Cellopoint July 3, 2013 Introduction References A great effort has been directed towards detection of malicious URLs Blacklisting

More information

Malicious Web Pages Detection Based on Abnormal Visibility Recognition

Malicious Web Pages Detection Based on Abnormal Visibility Recognition Malicious Web Pages Detection Based on Abnormal Visibility Recognition Bin Liang 1 2, Jianjun Huang 1, Fang Liu 1, Dawei Wang 1, Daxiang Dong 1, Zhaohui Liang 1 2 1. School of Information, Renmin University

More information

Writing Secure Chrome Apps and Extensions

Writing Secure Chrome Apps and Extensions Writing Secure Chrome Apps and Extensions Keeping your users safe Jorge Lucángeli Obes Software Engineer Keeping users safe A lot of work going into making browsers more secure What about users' data?

More information

Access Control for Plugins in Cordova-based Hybrid Applications

Access Control for Plugins in Cordova-based Hybrid Applications 2017 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising

More information

CS 161 Computer Security

CS 161 Computer Security Paxson Spring 2017 CS 161 Computer Security Midterm 1 Print your name:, (last) (first) I am aware of the Berkeley Campus Code of Student Conduct and acknowledge that any academic misconduct will be reported

More information

Qualys BrowserCheck CoinBlocker

Qualys BrowserCheck CoinBlocker Qualys BrowserCheck CoinBlocker Qualys Malware Research Labs is excited to announce the release of Qualys BrowserCheck CoinBlocker hereafter will be referred to as Qualys CoinBlocker, a free browser extension

More information

Secure Coding and Code Review. Berlin : 2012

Secure Coding and Code Review. Berlin : 2012 Secure Coding and Code Review Berlin : 2012 Outline Overview of top vulnerabilities Code review practice Secure design / writing secure code Write some secure code Review a volunteer's code Top Problems

More information

How to Identify Advanced Persistent, Targeted Malware Threats with Multidimensional Analysis

How to Identify Advanced Persistent, Targeted Malware Threats with Multidimensional Analysis White paper How to Identify Advanced Persistent, Targeted Malware Threats with Multidimensional Analysis AhnLab, Inc. Table of Contents Introduction... 1 Multidimensional Analysis... 1 Cloud-based Analysis...

More information

Web Security: Vulnerabilities & Attacks

Web Security: Vulnerabilities & Attacks Computer Security Course. Song Dawn Web Security: Vulnerabilities & Attacks Cross-site Scripting What is Cross-site Scripting (XSS)? Vulnerability in web application that enables attackers to inject client-side

More information

UNIT 3 SECTION 1 Answer the following questions Q.1: What is an editor? editor editor Q.2: What do you understand by a web browser?

UNIT 3 SECTION 1 Answer the following questions Q.1: What is an editor? editor editor Q.2: What do you understand by a web browser? UNIT 3 SECTION 1 Answer the following questions Q.1: What is an editor? A 1: A text editor is a program that helps you write plain text (without any formatting) and save it to a file. A good example is

More information

Client Side Injection on Web Applications

Client Side Injection on Web Applications Client Side Injection on Web Applications Author: Milad Khoshdel Blog: https://blog.regux.com Email: miladkhoshdel@gmail.com 1 P a g e Contents INTRODUCTION... 3 HTML Injection Vulnerability... 4 How to

More information

Client-Side XSS Filtering in Firefox

Client-Side XSS Filtering in Firefox Client-Side XSS Filtering in Firefox Andreas Vikne and Pål Ellingsen Department of Computing, Mathematics and Physics Western Norway University of Applied Sciences Bergen, Norway Email: andreas.svardal.vikne@stud.hvl.no,

More information

Detecting Obfuscated JavaScript Malware Using Sequences of Internal Function Calls

Detecting Obfuscated JavaScript Malware Using Sequences of Internal Function Calls Detecting Obfuscated JavaScript Malware Using Sequences of Internal Function Calls Alireza Gorji Tarbiat Modares University Tehran, Iran alireza.gorji@modares.ac.ir Mahdi Abadi Tarbiat Modares University

More information

McAfee Labs Threat Advisory Photominer

McAfee Labs Threat Advisory Photominer McAfee Labs Threat Advisory Photominer December 8, 2017 McAfee Labs periodically publishes Threat Advisories to provide customers with a detailed analysis of prevalent malware. This Threat Advisory contains

More information

Chrome Extension Security Architecture

Chrome Extension Security Architecture Chrome Extension Security Architecture Presenter: Jienan Liu Network, Intelligence & security Lab outline Chrome extension introduction Threats towards extension Chrome extension s security architecture

More information

ID: Sample Name: lt.pak Cookbook: default.jbs Time: 12:40:34 Date: 26/07/2018 Version:

ID: Sample Name: lt.pak Cookbook: default.jbs Time: 12:40:34 Date: 26/07/2018 Version: ID: 90 Sample Name: lt.pak Cookbook: default.jbs Time: 12:40:4 Date: 2/0/201 Version: 2.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification

More information

Proposal for Virtual Web Browser by Using HTML5

Proposal for Virtual Web Browser by Using HTML5 Proposal for Virtual Web Browser by Using HTML5 Tomokazu Hayakawa 1 and Teruo Hikita 1 1 School of Science and Technology, Meiji University Kasawaki, 214-8571, Japan {t_haya, hikita}@cs.meiji.ac.jp Abstract.

More information

Client Side Security And Testing Tools

Client Side Security And Testing Tools OWASP Jakarta Tech Day Meetup 2017 Client Side Security And Testing Tools David Cervigni @ Minded Security Agenda Short Intro Client side threats: Why important/difficult Examples: Dom XSS, HTTP Param

More information

Sandboxing JavaScript. Lieven Desmet iminds-distrinet, KU Leuven OWASP BeNeLux Days 2012 (29/11/2012, Leuven) DistriNet

Sandboxing JavaScript. Lieven Desmet iminds-distrinet, KU Leuven OWASP BeNeLux Days 2012 (29/11/2012, Leuven) DistriNet Sandboxing JavaScript Lieven Desmet iminds-distrinet, KU Leuven Lieven.Desmet@cs.kuleuven.be OWASP BeNeLux Days 2012 (29/11/2012, Leuven) DistriNet About myself Lieven Desmet @lieven_desmet Research manager

More information

Browser code isolation

Browser code isolation CS 155 Spring 2016 Browser code isolation John Mitchell Acknowledgments: Lecture slides are from the Computer Security course taught by Dan Boneh and John Mitchell at Stanford University. When slides are

More information

JsSandbox: A Framework for Analyzing the Behavior of Malicious JavaScript Code using Internal Function Hooking

JsSandbox: A Framework for Analyzing the Behavior of Malicious JavaScript Code using Internal Function Hooking KSII TRANSACTIONS ON INTERNET AND INFORMATION SYSTEMS VOL. 6, NO. 2, Feb 2012 766 Copyright c 2012 KSII JsSandbox: A Framework for Analyzing the Behavior of Malicious JavaScript Code using Internal Function

More information

Overview Cross-Site Scripting (XSS) Christopher Lam Introduction Description Programming Languages used Types of Attacks Reasons for XSS Utilization Attack Scenarios Steps to an XSS Attack Compromises

More information

ID: Sample Name: Unconfirmed crdownload Cookbook: default.jbs Time: 22:58:07 Date: 08/11/2017 Version:

ID: Sample Name: Unconfirmed crdownload Cookbook: default.jbs Time: 22:58:07 Date: 08/11/2017 Version: ID: 80 Sample Name: Unconfirmed.crdownload Cookbook: default.jbs Time: 22:8:0 Date: 08/11/201 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection

More information

The security of Mozilla Firefox s Extensions. Kristjan Krips

The security of Mozilla Firefox s Extensions. Kristjan Krips The security of Mozilla Firefox s Extensions Kristjan Krips Topics Introduction The extension model How could extensions be used for attacks - website defacement - phishing attacks - cross site scripting

More information

Web Application Security

Web Application Security Web Application Security Rajendra Kachhwaha rajendra1983@gmail.com October 16, 2015 Lecture 16: 1/ 14 Outline Browser Security Principles: 1 Cross Site Scripting (XSS) 2 Types of XSS 3 Lecture 16: 2/ 14

More information

Design Document V2 ThingLink Startup

Design Document V2 ThingLink Startup Design Document V2 ThingLink Startup Yon Corp Andy Chen Ashton Yon Eric Ouyang Giovanni Tenorio Table of Contents 1. Technology Background.. 2 2. Design Goal...3 3. Architectural Choices and Corresponding

More information

IMPROVING CROSS-SITE REQUEST PRIVACY AND SECURITY: CLIENT-SIDE CROSS-SITE REQUEST WHITELISTS JUSTIN CLAYTON SAMUEL

IMPROVING CROSS-SITE REQUEST PRIVACY AND SECURITY: CLIENT-SIDE CROSS-SITE REQUEST WHITELISTS JUSTIN CLAYTON SAMUEL IMPROVING CROSS-SITE REQUEST PRIVACY AND SECURITY: CLIENT-SIDE CROSS-SITE REQUEST WHITELISTS By JUSTIN CLAYTON SAMUEL A Thesis Submitted to The Honors College In Partial Fulfillment of the Bachelor s degree

More information

JSObfusDetector: A Binary PSO-based One-Class Classifier Ensemble to Detect Obfuscated JavaScript Code

JSObfusDetector: A Binary PSO-based One-Class Classifier Ensemble to Detect Obfuscated JavaScript Code 2015 International Symposium on Artificial Intelligence and Signal Processing (AISP) JSObfusDetector: A Binary PSO-based One-Class Classifier Ensemble to Detect Obfuscated JavaScript Code Mehran Jodavi,

More information

Automated Discovery of Parameter Pollution Vulnerabilities in Web Applications

Automated Discovery of Parameter Pollution Vulnerabilities in Web Applications Automated Discovery of Parameter Pollution Vulnerabilities in Web Applications Marco Balduzzi, Carmen Torrano Gimenez, Davide Balzarotti, and Engin Kirda NDSS 2011 The Web as We Know It 2 Has evolved from

More information

Detect Cyber Threats with Securonix Proxy Traffic Analyzer

Detect Cyber Threats with Securonix Proxy Traffic Analyzer Detect Cyber Threats with Securonix Proxy Traffic Analyzer Introduction Many organizations encounter an extremely high volume of proxy data on a daily basis. The volume of proxy data can range from 100

More information

06 Browsing the Internet with Firefox

06 Browsing the Internet with Firefox 06 Browsing the Internet with Firefox Before starting on the exercise some explanations. Note these are simplified as the intention is to to help with using and exploiting the internet. You will come across

More information

Website Report for colourways.com.au

Website Report for colourways.com.au Website Report for colourways.com.au This report grades your website based on the strength of various factors such as On Page Optimization, Off Page Links, and more. The overall Grade is on a A+ to F-

More information

UP L13: Leveraging the full protection of SEP 12.1.x

UP L13: Leveraging the full protection of SEP 12.1.x UP L13: Leveraging the full protection of SEP 12.1.x Hands on lab Description In this hands on lab you will learn about the different protection technologies bundled in SEP 12.1.x and see how they complement

More information

Security. CSC309 TA: Sukwon Oh

Security. CSC309 TA: Sukwon Oh Security CSC309 TA: Sukwon Oh Outline SQL Injection NoSQL Injection (MongoDB) Same Origin Policy XSSI XSS CSRF (XSRF) SQL Injection What is SQLI? Malicious user input is injected into SQL statements and

More information

McPAD and HMM-Web: two different approaches for the detection of attacks against Web applications

McPAD and HMM-Web: two different approaches for the detection of attacks against Web applications McPAD and HMM-Web: two different approaches for the detection of attacks against Web applications Davide Ariu, Igino Corona, Giorgio Giacinto, Fabio Roli University of Cagliari, Dept. of Electrical and

More information

PDF. Applying File Structure Inspection to Detecting Malicious PDF Files. Received: November 18, 2013, Accepted: July 11, 2014

PDF. Applying File Structure Inspection to Detecting Malicious PDF Files. Received: November 18, 2013, Accepted: July 11, 2014 PDF 1,a) 2,b) 2 2013 11 18, 2014 7 11 MS Rich Text Compound File Binary PDF PDF PDF PDF 164 99.4% PDF Applying File Structure Inspection to Detecting Malicious PDF Files Yuhei Otsubo 1,a) Mamoru Mimura

More information

Technical Specifications Leaderboard + Mobile Leaderboard. 27/12/2018 Tech Specs 1

Technical Specifications Leaderboard + Mobile Leaderboard. 27/12/2018 Tech Specs 1 27/12/2018 Tech Specs 1 27/12/2018 Screenshot 2 Format Device Width*Height Extensions Max. weight Animation Clicktag Leaderboard Desktop / Tablet 728*90 HTML5/GIF/JPG 70 kb 3 loops in 15 clicktag Mobile

More information

Extending the Web Security Model with Information Flow Control

Extending the Web Security Model with Information Flow Control Extending the Web Security Model with Information Flow Control Deian Stefan Advised by David Herman Motivation: 3rd party libraries Password-strength checker Desired security policy: Password is not leaked

More information

Botnets: A Survey. Rangadurai Karthick R [CS10S009] Guide: Dr. B Ravindran

Botnets: A Survey. Rangadurai Karthick R [CS10S009] Guide: Dr. B Ravindran 08-08-2011 Guide: Dr. B Ravindran Outline 1 Introduction 2 3 4 5 6 2 Big Picture Recent Incidents Reasons for Study Internet Scenario Major Threats Flooding attacks Spamming Phishing Identity theft, etc.

More information

Malicious Drive-By-Download Website Classification Using JavaScript Features. Sam Wang. B.Sc., University of Victoria, 2014

Malicious Drive-By-Download Website Classification Using JavaScript Features. Sam Wang. B.Sc., University of Victoria, 2014 Malicious Drive-By-Download Website Classification Using JavaScript Features by Sam Wang B.Sc., University of Victoria, 2014 An Industrial Project Submitted in Partial Fulfillment of the Requirements for

More information

CSE 484 / CSE M 584: Computer Security and Privacy. Web Security. Autumn Tadayoshi (Yoshi) Kohno

CSE 484 / CSE M 584: Computer Security and Privacy. Web Security. Autumn Tadayoshi (Yoshi) Kohno CSE 484 / CSE M 584: Computer Security and Privacy Web Security Autumn 2018 Tadayoshi (Yoshi) Kohno yoshi@cs.washington.edu Thanks to Dan Boneh, Dieter Gollmann, Dan Halperin, Ada Lerner, John Manferdelli,

More information

P2_L12 Web Security Page 1

P2_L12 Web Security Page 1 P2_L12 Web Security Page 1 Reference: Computer Security by Stallings and Brown, Chapter (not specified) The web is an extension of our computing environment, because most of our daily tasks involve interaction

More information

Web Architecture AN OVERVIEW

Web Architecture AN OVERVIEW Web Architecture AN OVERVIEW General web architecture Historically, the client is a web browser But it can be also A mobile application A desktop application Other server applications Internet Server(s)

More information

Is Browsing Safe? Web Browser Security. Subverting the Browser. Browser Security Model. XSS / Script Injection. 1. XSS / Script Injection

Is Browsing Safe? Web Browser Security. Subverting the Browser. Browser Security Model. XSS / Script Injection. 1. XSS / Script Injection Is Browsing Safe? Web Browser Security Charlie Reis Guest Lecture - CSE 490K - 5/24/2007 Send Spam Search Results Change Address? Install Malware Web Mail Movie Rentals 2 Browser Security Model Pages are

More information

ID: Sample Name: test Cookbook: default.jbs Time: 09:46:13 Date: 21/05/2018 Version:

ID: Sample Name: test Cookbook: default.jbs Time: 09:46:13 Date: 21/05/2018 Version: ID: 042 Sample Name: test Cookbook: default.jbs Time: 09:4:1 Date: 21/0/201 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification

More information

Progress Exchange June, Phoenix, AZ, USA 1

Progress Exchange June, Phoenix, AZ, USA 1 1 COMP-1: Securing your web application against hackers Edwin Lijnzaad & Ronald Smits Consultants Agenda Introduction Issues How to... Questions 2 COMP-1: Securing your web application against hackers

More information

Integrity attacks (from data to code): Cross-site Scripting - XSS

Integrity attacks (from data to code): Cross-site Scripting - XSS Pattern Recognition and Applications Lab Integrity attacks (from data to code): Cross-site Scripting - XSS Igino Corona igino.corona (at) diee.unica.it Computer Security April 12, 2018 Department of Electrical

More information

PhishEye: Live Monitoring of Sandboxed Phishing Kits. Xiao Han Nizar Kheir Davide Balzarotti

PhishEye: Live Monitoring of Sandboxed Phishing Kits. Xiao Han Nizar Kheir Davide Balzarotti PhishEye: Live Monitoring of Sandboxed Phishing Kits Xiao Han Nizar Kheir Davide Balzarotti Summary Motivation Sandboxed phishing kits Implementation Results [APWG Phishing Activity Trends Report 2 nd

More information

Application Layer Attacks. Application Layer Attacks. Application Layer. Application Layer. Internet Protocols. Application Layer.

Application Layer Attacks. Application Layer Attacks. Application Layer. Application Layer. Internet Protocols. Application Layer. Application Layer Attacks Application Layer Attacks Week 2 Part 2 Attacks Against Programs Application Layer Application Layer Attacks come in many forms and can target each of the 5 network protocol layers

More information

Web Crawlers Detection. Yomna ElRashidy

Web Crawlers Detection. Yomna ElRashidy Web Crawlers Detection Yomna ElRashidy yomna.el-rashidi@aucegypt.edu Outline Introduction The need for web crawlers detection Web crawlers methodology State of the art in web crawlers detection methodologies

More information

Screening Legitimate and Fake/Crude Antivirus Software

Screening Legitimate and Fake/Crude Antivirus Software reprinted from: IPSJ Transactions on Advanced Computing Systems 7 (1) : 14 22 (2014) IPSJ Online Transactions Vol.7 43 51 (Mar. 2014) [DOI: 10.2197/ipsjtrans.7.43] Regular Paper Screening Legitimate and

More information

So Many Ways to Slap a YoHo: Hacking Facebook & YoVille

So Many Ways to Slap a YoHo: Hacking Facebook & YoVille Tom Stracener Strace, Contract Engineer MITRE EvilAdamSmith, Sr. Security Consultant Sean Barnum, Cybersecurity Principal MITRE So Many Ways to Slap a YoHo: Hacking Facebook & YoVille Misclaneous Disclaimers

More information

ISSN: (Online) Volume 2, Issue 2, February 2014 International Journal of Advance Research in Computer Science and Management Studies

ISSN: (Online) Volume 2, Issue 2, February 2014 International Journal of Advance Research in Computer Science and Management Studies ISSN: 2321-7782 (Online) Volume 2, Issue 2, February 2014 International Journal of Advance Research in Computer Science and Management Studies Research Article / Paper / Case Study Available online at:

More information

NET 311 INFORMATION SECURITY

NET 311 INFORMATION SECURITY NET 311 INFORMATION SECURITY Networks and Communication Department Lec12: Software Security / Vulnerabilities lecture contents: o Vulnerabilities in programs Buffer Overflow Cross-site Scripting (XSS)

More information

Cisco Advanced Malware Protection against WannaCry

Cisco Advanced Malware Protection against WannaCry Cisco Advanced Malware Protection against WannaCry "A false sense of security is worse than a true sense of insecurity" Senad Aruc Consulting Systems Engineer Advanced Threats Group Nils Roald Advanced

More information

McAfee Labs: Combating Aurora

McAfee Labs: Combating Aurora McAfee Labs: Combating Aurora By Rohit Varma, McAfee Labs Contents Overview... 2 McAfee detection names for Aurora... 3 Exploit-Comele... 3 Roarur.dr... 3 Roarur.dll... 3 Symptoms... 5 Characteristics...

More information

WEB SECURITY: XSS & CSRF

WEB SECURITY: XSS & CSRF WEB SECURITY: XSS & CSRF CMSC 414 FEB 22 2018 Cross-Site Request Forgery (CSRF) URLs with side-effects http://bank.com/transfer.cgi?amt=9999&to=attacker GET requests should have no side-effects, but often

More information

Jinx Malware 2.0 We know it s big, we measured it! Itzik Kotler Yoni Rom

Jinx Malware 2.0 We know it s big, we measured it! Itzik Kotler Yoni Rom Jinx Malware 2.0 We know it s big, we measured it! Itzik Kotler Yoni Rom This is how your browser looks like before Jinx has loaded This is how your browser looks like after Jinx has loaded Did you see

More information

ID: Sample Name: vlaue.exe Cookbook: default.jbs Time: 18:54:49 Date: 26/01/2018 Version:

ID: Sample Name: vlaue.exe Cookbook: default.jbs Time: 18:54:49 Date: 26/01/2018 Version: ID: 44024 Sample Name: vlaue.exe Cookbook: default.jbs Time: 18:4:49 Date: 2/01/2018 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence

More information
2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback