Abstract
The use of non-standard plug-ins has been unavoidable in existing HTML. Accordingly, the rising dependence of web content on plug-ins increased and need for additional development suited to platform incurred considerable developmental expenses and time. HTML5 was a suggested solution to this problem, but could cause new security threats through newly added technologies, meaning that web-related elements such as websites, web content, devices and others are exposed to a new type of threat. In this thesis, we suggest a technology to detect website security threats in advance that includes HTML5.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Microsoft Security Intelligence Report (SIR) Volume 17, pp. 43–54. Microsoft (2014)
Shah, S.: Founder & Director, Blueinfy Solutions, “HTML5 Top 10 Threats Stealth Attacks and Silent Exploits”, pp. 1–20. Black Hat, USA (2012)
Agten, P., Van Acker, S., Brondsema, Y., Phung, P.H., Desmet, L., Piessens, F.: Jsand: complete client-side sandboxing of third-party javascript without browser modifications. In: Proceedings of the 28th Annual Computer Security Applications Conference, pp. 11–21. ACM (2012)
Moshchuk, A., et al.: SpyProxy: Execution- based Detection of Malicious Web Content. USENIX Security (2007)
Li, Z., et al.: WebShield: enabling various web defense techniques without client side modifications. In: NDSS (2011)
Xu, W., Zhang, F., Zhu, S.: The power of obfuscation techniques in malicious JavaScript code: A measurement study. In: 7th International Conference on Malicious and Unwanted Software (MALWARE). IEEE (2012)
Choi, Y., Kim, T., Choi, S., Lee, C.: Automatic detection for javascript obfuscation attacks in web pages through string pattern analysis. In: Lee, Y.-h., Kim, T.-h., Fang, W.-c., Ślęzak, D. (eds.) FGIT 2009. LNCS, vol. 5899, pp. 160–172. Springer, Heidelberg (2009). doi:10.1007/978-3-642-10509-8_19
Alexa Top 100. http://www.alexa.com/topsites
Acknowledgments
This study was conducted as part of information communications and broadcasting R&D project by Ministry of Science, ICT and Future Planning, and Institute for Information & Communications Technology Promotion [B0101-15-0230, Prevention of script based cyber attack and development of counter technology].
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Park, SM., Bae, HC., Cha, YT., Kim, HK. (2017). Code Modification and Obfuscation Detection Test Using Malicious Script Distributing Website Inspection Technology. In: Park, J., Pan, Y., Yi, G., Loia, V. (eds) Advances in Computer Science and Ubiquitous Computing. UCAWSN CUTE CSA 2016 2016 2016. Lecture Notes in Electrical Engineering, vol 421. Springer, Singapore. https://doi.org/10.1007/978-981-10-3023-9_12
Download citation
DOI: https://doi.org/10.1007/978-981-10-3023-9_12
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-3022-2
Online ISBN: 978-981-10-3023-9
eBook Packages: EngineeringEngineering (R0)