Journal of Advances in Information Technology, Vol 2, No 4 (2011), 217-221, Nov 2011
doi:10.4304/jait.2.4.217-221

An Efficient Technique for Detection of Suspicious Malicious Web Site

K. Pragadeesh Kumar, N. Jaisankar, N. Mythili

Abstract


In today’s web world web sites became attackers’ main target. Since days before virus signatures had been used to detect malicious web pages. In this paper the malicious web pages will be detected using a prototype system based on the concept of abnormal visibility, also it detects the exact location of malicious code in the source code. The proposed prototype system uses a Web Spider which captures the entire link URLs associated with the web page. HTML parser will parse the web pages and convert the code into data structures recognized by the Detector. The Detector will match the structure with the abnormal visibility fingerprints and locates possible malicious code. The system proves higher performance, higher efficiency and lower maintenance cost, almost all malicious web pages are detected and the malicious codes encoded in the JavaScript. The system provides security alarm for end-users before visiting malicious web pages.



References


G. McGraw and G. Morrisett. "Attacking malicious code: report to the Infosec research council," IEEE Software, Vol. 17, No. 5, pp. 33-41, 2000.
http://dx.doi.org/10.1109/52.877857

M. Christodorescu, and S. Jha. "Testing malware detectors," Proceedings of the ACM SIGSOFT International Symposium on Software Testing and Analysis 2004, pp. 34- 44, Boston, MA, USA, July 2004. .

I. S. Ja J. Kinder, S. Katzenbeisser, C. Schallhart, and H. Veith. "Detecting malicious code by model checking," Proceedings of the 2nd International Conference on Intrusion and Malware Detection and Vulnerability Assessment, Vol. 3548, pp. 174-187, Vienna, Austria, July 2005. [CrossRef] .
http://dx.doi.org/10.1007/11506881_11

M. Christodorescu, S. Jha, S. A. Seshia, D. Song, and R. E. Bryant. "Semantics-aware malware detection," Proceedings of the 2005 IEEE Symposium on Security and Privacy, pp. 32-46, Oakland, CA, USA, May 2005.

J. Bergeron et al. "Static Detection of Malicious Code in ExecuTable Programs," Symposium on Requirements Engineering for Information Security, Indianapolis, Indiana, USA, March 2001.

M. Christodorescu and S. Jha. "Testing malware detectors," Proceedings of the ACM SIGSOFT International Symposium on Software Testing and Analysis 2004, pp. 34-44, Boston, MA, USA, July 2004.

M. Young, Alexander Moshchuk, Tanya Bragin, Steven D. Gribble, and Henry M. Levy. "A Crawler-based Study of Spyware on the Web," In Proceedings of the 2006 Network and Distributed System Security Symposium, pages 17-33, February 2006.

Bin Liang et al. Malicious Web Pages Detection Based on Abnormal Visibility Recognition, IEEE, 2009.

Provos, N., McNamee, D., Mavrommatis, P., Wang, K., Modadugu, N. "The Ghost In The Browser Analysis of Webbased Malware, " First Workshop on Hot Topics in Understanding Botnets April 10, 2007, Cambridge, MA.


Full Text: PDF


Journal of Advances in Information Technology (JAIT, ISSN 1798-2340)

Copyright @ 2006-2012 by ACADEMY PUBLISHER – All rights reserved.