Title :
WebVaccine: A Client-Side Realtime Prevention System against Obfuscated Malicious Web Pages
Author :
Kang, JungMin ; Sohn, KiWook ; Jung, Soonyoung
Author_Institution :
Attached Inst., ETRI, Daejeon, South Korea
Abstract :
As a solution for malicious Web page attacks, we need a client-side prevention system with deobfuscation mechanism. In this paper we introduce WebVaccine, that is a client-side real-time prevention system against obfuscated malicious Web pages. For secure web surfing, before the navigation to be completed, WebVaccine inserts a deobfuscation function call routine prior to the vulnerable script functions in malicious Web pages, and makes the inserted function to extract the deobfuscated script string so that the string can be analyzed by a signature based detection subsystem or third party detection tools. We rest assured that the WebVaccine framework does not affect the execution of dynamic script interpretation while running web browsers and is likely to be of success.
Keywords :
Web sites; client-server systems; real-time systems; security of data; Web surfing security; WebVaccine framework; client side realtime prevention system; deobfuscation mechanism; dynamic script interpretation; obfuscated malicious Web page; third party detection tool; vulnerable script function; Augmented virtuality; Computer science education; Decoding; Intrusion detection; Java; Navigation; Pattern matching; Security; Uniform resource locators; Web pages; Obfuscation; Web Page; WebVaccine;
Conference_Titel :
INC, IMS and IDC, 2009. NCM '09. Fifth International Joint Conference on
Conference_Location :
Seoul
Print_ISBN :
978-1-4244-5209-5
Electronic_ISBN :
978-0-7695-3769-6
DOI :
10.1109/NCM.2009.82
