Malicious web script-based cyber attack protection technology
Abstract
Recent web-based cyber attacks are evolving into a new form of attacks such as private information theft and DDoS attack exploiting JavaScript within a web page. These attacks can be made just by accessing a web site without distribution of malicious codes and infection. Script-based cyber attacks are hard to detect with traditional security equipments such as Firewall and IPS because they inject malicious scripts in a response message for a normal web request. Furthermore, they are hard to trace because attacks such as DDoS can be made just by visiting a web page. Due to these reasons, it is expected that they could result in direct damages and great ripple effects. To cope with these issues, in this article, a proposal is made for techniques that are used to detect malicious scripts through real-time web content analysis and to automatically generate detection signatures for malicious JavaScript.
Cite
@article{arxiv.1502.03872,
title = {Malicious web script-based cyber attack protection technology},
author = {JongHun Jung and Hwan-Kuk Kim and Soojin Yoon},
journal= {arXiv preprint arXiv:1502.03872},
year = {2015}
}