Hyun-lock Choo, Sanghwan Oh, Jonghun Jung, Hwankuk Kim
{"title":"基于行为的HTML5恶意特性分析技术","authors":"Hyun-lock Choo, Sanghwan Oh, Jonghun Jung, Hwankuk Kim","doi":"10.1109/IMIS.2015.67","DOIUrl":null,"url":null,"abstract":"HTML5 announced in October 2014 contains many more functions than previous HTML versions. It includes the media controls of audio, video, canvas, etc., and it is designed to access the browser file system through the Java Script API such as the web storage and file reader API. In addition, it provides the powerful functions to replace existing active X. As the HTML5 standard is adopted, the conversion of web services to HTML5 is being carried out all over the world. The browser developers particularly have high expectation for HTML5 as it provides many mobile functions. However, as there is much expectation of HTML5, the damage of malicious attacks using HTML5 is also expected to be large. The script, which is the key to HTML5 functions, is a different type from existing malware attacks as a malicious attack can be generated merely by only a user accessing a browser. The existing known attacks can also be reused by bypassing the detection systems through the new HTML5 elements. This paper intends to define the unique HTML5 behavior data through the browser execution data and to propose the detection of malware by categorizing the malicious HTML5 features.","PeriodicalId":144834,"journal":{"name":"2015 9th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing","volume":"15 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"The Behavior-Based Analysis Techniques for HTML5 Malicious Features\",\"authors\":\"Hyun-lock Choo, Sanghwan Oh, Jonghun Jung, Hwankuk Kim\",\"doi\":\"10.1109/IMIS.2015.67\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"HTML5 announced in October 2014 contains many more functions than previous HTML versions. It includes the media controls of audio, video, canvas, etc., and it is designed to access the browser file system through the Java Script API such as the web storage and file reader API. In addition, it provides the powerful functions to replace existing active X. As the HTML5 standard is adopted, the conversion of web services to HTML5 is being carried out all over the world. The browser developers particularly have high expectation for HTML5 as it provides many mobile functions. However, as there is much expectation of HTML5, the damage of malicious attacks using HTML5 is also expected to be large. The script, which is the key to HTML5 functions, is a different type from existing malware attacks as a malicious attack can be generated merely by only a user accessing a browser. The existing known attacks can also be reused by bypassing the detection systems through the new HTML5 elements. This paper intends to define the unique HTML5 behavior data through the browser execution data and to propose the detection of malware by categorizing the malicious HTML5 features.\",\"PeriodicalId\":144834,\"journal\":{\"name\":\"2015 9th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing\",\"volume\":\"15 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-07-08\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2015 9th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/IMIS.2015.67\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 9th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IMIS.2015.67","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
The Behavior-Based Analysis Techniques for HTML5 Malicious Features
HTML5 announced in October 2014 contains many more functions than previous HTML versions. It includes the media controls of audio, video, canvas, etc., and it is designed to access the browser file system through the Java Script API such as the web storage and file reader API. In addition, it provides the powerful functions to replace existing active X. As the HTML5 standard is adopted, the conversion of web services to HTML5 is being carried out all over the world. The browser developers particularly have high expectation for HTML5 as it provides many mobile functions. However, as there is much expectation of HTML5, the damage of malicious attacks using HTML5 is also expected to be large. The script, which is the key to HTML5 functions, is a different type from existing malware attacks as a malicious attack can be generated merely by only a user accessing a browser. The existing known attacks can also be reused by bypassing the detection systems through the new HTML5 elements. This paper intends to define the unique HTML5 behavior data through the browser execution data and to propose the detection of malware by categorizing the malicious HTML5 features.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
