Title :
Malicious Webpage Detection by Semantics-Aware Reasoning
Author :
Lin, Shih-Fen ; Hou, Yung-Tsung ; Chen, Chia-Mei ; Jeng, Bingchiang ; Laih, Chi-Sung
Author_Institution :
Dept. of Inf. Manage., Nat. Sun Yat-Sen Univ., Kaohsiung
Abstract :
The evolutional development of dynamic HTML techniques empowers attackers a new and powerful tool to compromise machines. A malicious DHTML code disguises itself as a normal Webpage. The malicious Webpage infects the victim when a user browses it. Furthermore, such DHTML code can disguise easily through obfuscation or transformation, which makes detection even harder. Anti-virus software packages commonly use signature-based approaches which might not be able to efficiently identify camouflage malicious HTML code. In this paper, we propose a novel semantics-aware reasoning detection algorithm (SeAR) using the techniques of semantic modeling and memory-based reasoning for malicious Webpage detection. SeAR is resilient to code obfuscations and is able to detect malicious Webpage correctly. The experiments demonstrate that our detection algorithm can effectively detect variants of malicious HTML code with a low false rate.
Keywords :
Internet; computer viruses; digital signatures; hypermedia markup languages; software packages; antivirus software packages; camouflage malicious HTML code identification; code obfuscations; dynamic HTML techniques; malicious DHTML code; malicious Web page detection; memory-based reasoning; semantic modeling; semantics-aware reasoning detection algorithm; signature-based approaches; Detection algorithms; Detectors; Frequency; HTML; Information management; Intelligent systems; Java; National security; Software packages; Web and internet services; HTML; malicious code; memory-based reasoning; semantics modeling;
Conference_Titel :
Intelligent Systems Design and Applications, 2008. ISDA '08. Eighth International Conference on
Conference_Location :
Kaohsiung
Print_ISBN :
978-0-7695-3382-7
DOI :
10.1109/ISDA.2008.290
