Malicious Code

The Experts below are selected from a list of 7113 Experts worldwide ranked by ideXlab platform

Hao Zhang - One of the best experts on this subject based on the ideXlab platform.

  • ICNC (6) - A Web Page Malicious Code Detect Approach Based on Script Execution
    2009 Fifth International Conference on Natural Computation, 2009
    Co-Authors: Zhi Yong Li, Hao Zhang
    Abstract:

    Web page Malicious Code detection is a crucial aspect of Internet security. Current web page Malicious Codes detection work by checking for “signatures”, which attempt to capture (syntactic) characteristics of the known Malicious Codes. This reliance on a syntactic approach makes such detectors vulnerable to Code obfuscations, increasingly used by Malicious Codewriters, which alter syntactic prosperities of the Malicious Code without affecting their execution behavior significantly. This paper takes the position that the key to webpage Malicious Code lies in their execution behavior. It proposes a script execution behavior feature based framework for analyzing propose of Malicious Codes and proving properties such as soundness and completeness of these Malicious Codes. Our approach analyses the script and confirms the script which contains Malicious Code by finding shell Code, overflow behavior and hidden hyper link. As a concrete application of our approach, we show that the script execution behavior based webpage Malicious Code detector can detect many known Malicious Code but also the newest Malicious Code.

  • A Web Page Malicious Code Detect Approach Based on Script Execution
    2009 Fifth International Conference on Natural Computation, 2009
    Co-Authors: Zhi Yong Li, Zhen-He Cai, Ran Tao, Hao Zhang
    Abstract:

    Web page Malicious Code detection is a crucial aspect of Internet security. Current Web page Malicious Codes detection work by checking for “signatures”, which attempt to capture (syntactic) characteristics of the known Malicious Codes. This reliance on a syntactic approach makes such detectors vulnerable to Code obfuscations, increasingly used by Malicious Codewriters, which alter syntactic prosperities of the Malicious Code without affecting their execution behavior significantly. This paper takes the position that the key to Webpage Malicious Code lies in their execution behavior. It proposes a script execution behavior feature based framework for analyzing propose of Malicious Codes and proving properties such as soundness and completeness of these Malicious Codes. Our approach analyses the script and confirms the script which contains Malicious Code by finding shell Code, overflow behavior and hidden hyper link. As a concrete application of our approach, we show that the script execution behavior based Webpage Malicious Code detector can detect many known Malicious Code but also the newest Malicious Code.

Zhi Yong Li - One of the best experts on this subject based on the ideXlab platform.

  • ICNC (6) - A Web Page Malicious Code Detect Approach Based on Script Execution
    2009 Fifth International Conference on Natural Computation, 2009
    Co-Authors: Zhi Yong Li, Hao Zhang
    Abstract:

    Web page Malicious Code detection is a crucial aspect of Internet security. Current web page Malicious Codes detection work by checking for “signatures”, which attempt to capture (syntactic) characteristics of the known Malicious Codes. This reliance on a syntactic approach makes such detectors vulnerable to Code obfuscations, increasingly used by Malicious Codewriters, which alter syntactic prosperities of the Malicious Code without affecting their execution behavior significantly. This paper takes the position that the key to webpage Malicious Code lies in their execution behavior. It proposes a script execution behavior feature based framework for analyzing propose of Malicious Codes and proving properties such as soundness and completeness of these Malicious Codes. Our approach analyses the script and confirms the script which contains Malicious Code by finding shell Code, overflow behavior and hidden hyper link. As a concrete application of our approach, we show that the script execution behavior based webpage Malicious Code detector can detect many known Malicious Code but also the newest Malicious Code.

  • A Web Page Malicious Code Detect Approach Based on Script Execution
    2009 Fifth International Conference on Natural Computation, 2009
    Co-Authors: Zhi Yong Li, Zhen-He Cai, Ran Tao, Hao Zhang
    Abstract:

    Web page Malicious Code detection is a crucial aspect of Internet security. Current Web page Malicious Codes detection work by checking for “signatures”, which attempt to capture (syntactic) characteristics of the known Malicious Codes. This reliance on a syntactic approach makes such detectors vulnerable to Code obfuscations, increasingly used by Malicious Codewriters, which alter syntactic prosperities of the Malicious Code without affecting their execution behavior significantly. This paper takes the position that the key to Webpage Malicious Code lies in their execution behavior. It proposes a script execution behavior feature based framework for analyzing propose of Malicious Codes and proving properties such as soundness and completeness of these Malicious Codes. Our approach analyses the script and confirms the script which contains Malicious Code by finding shell Code, overflow behavior and hidden hyper link. As a concrete application of our approach, we show that the script execution behavior based Webpage Malicious Code detector can detect many known Malicious Code but also the newest Malicious Code.

Chang Hong-jiao - One of the best experts on this subject based on the ideXlab platform.

M. Archer - One of the best experts on this subject based on the ideXlab platform.

  • Automated assistance for detecting Malicious Code
    1993
    Co-Authors: Richard H. Crawford, P. Kerchen, M. Archer, Karl N. Levitt, Ronald A. Olsson, M. Casillas
    Abstract:

    This paper gives an update on the continuing work on the Malicious Code Testbed (MCT). The MCT is a semi-automated tool, operating in a simulated, cleanroom environment, that is capable of detecting many types of Malicious Code, such as viruses, Trojan horses, and time/logic bombs. The MCT allows security analysts to check a program before installation, thereby avoiding any damage a Malicious program might inflict.

  • Compcon - Towards a testbed for Malicious Code detection
    COMPCON Spring '91 Digest of Papers, 1991
    Co-Authors: Raymond W. Lo, P. Kerchen, J. Crossley, G. Fink, Richard H. Crawford, W. Wilson Ho, Karl N. Levitt, Ronald A. Olsson, M. Archer
    Abstract:

    An environment for detecting many types of Malicious Code, including computer viruses, Trojan horses, and time/logic bombs, is proposed. The Malicious Code testbed (MCT) is based upon both static and dynamic analysis tools developed at the University of California, Davis, which have been shown to be effective against certain types of Malicious Code. The testbed extends the usefulness of these tools by using them in a complementary fashion to detect more general cases of Malicious Code. Perhaps more importantly, the MCT allows administrators and security analysts to check a program before installation, thereby avoiding any damage a Malicious program might inflict.

  • Towards a testbed for Malicious Code detection
    COMPCON Spring '91 Digest of Papers, 1991
    Co-Authors: R. Lo, P. Kerchen, R. Crawford, W. Ho, J. Crossley, G. Fink, K. Levitt, R. Olsson, M. Archer
    Abstract:

    An environment for detecting many types of Malicious Code, including computer viruses, Trojan horses, and time/logic bombs, is proposed. The Malicious Code testbed (MCT) is based upon both static and dynamic analysis tools developed at the University of California, Davis, which have been shown to be effective against certain types of Malicious Code. The testbed extends the usefulness of these tools by using them in a complementary fashion to detect more general cases of Malicious Code. Perhaps more importantly, the MCT allows administrators and security analysts to check a program before installation, thereby avoiding any damage a Malicious program might inflict.

John P. Mcgregor - One of the best experts on this subject based on the ideXlab platform.

  • SPC - Enlisting hardware architecture to thwart Malicious Code injection
    Lecture Notes in Computer Science, 2020
    Co-Authors: David K. Karig, John P. Mcgregor
    Abstract:

    Software vulnerabilities that enable the injection and execution of Malicious Code in pervasive Internet-connected computing devices pose serious threats to cyber security. In a common type of attack, a hostile party induces a software buffer overflow in a susceptible computing device in order to corrupt a procedure return address and transfer control to Malicious Code. These buffer overflow attacks are often employed to recruit oblivious hosts into distributed denial of service (DDoS) attack networks, which ultimately launch devastating DDoS attacks against victim networks or machines. In spite of existing software countermeasures that seek to prevent buffer overflow exploits, many systems remain vulnerable.

  • Enlisting Hardware Architecture to Thwart Malicious Code Injection
    2010
    Co-Authors: Ruby B. Lee, John P. Mcgregor, David K. Karig, Zhijie Shi
    Abstract:

    Software vulnerabilities that enable the injection and execution of Malicious Code in pervasive Internet-connected computing devices pose serious threats to cyber security. In a common type of attack, a hostile party induces a software buffer overflow in a susceptible computing device in order to corrupt a procedure return address and transfer control to Malicious Code. These buffer overflow attacks are often employed to recruit oblivious hosts into distributed denial of service (DDoS) attack networks, which ultimately launch devastating DDoS attacks against victim networks or machines. In spite of existing software countermeasures that seek to prevent buffer overflow exploits, many systems remain vulnerable. © Springer-Verlag 2004.

  • Enlisting hardware architecture to thwart Malicious Code injection
    Security in Pervasive Computing, 2004
    Co-Authors: David K. Karig, John P. Mcgregor
    Abstract:

    Software vulnerabilities that enable the injection and execution of Malicious Code in pervasive Internet-connected computing devices pose serious threats to cyber security. In a common type of attack, a hostile party induces a software buffer overflow in a susceptible computing device in order to corrupt a procedure return address and transfer control to Malicious Code. These buffer overflow attacks are often employed to recruit oblivious hosts into distributed denial of service (DDoS) attack networks, which ultimately launch devastating DDoS attacks against victim networks or machines. In spite of existing software countermeasures that seek to prevent buffer overflow exploits, many systems remain vulnerable.