2014 | OriginalPaper | Chapter
SafeBrowsingCloud: Detecting Drive-by-Downloads Attack Using Cloud Computing Environment
Authors : Haibo Zhang, Chaoshun Zuo, Shanqing Guo, Lizhen Cui, Jun Chen
Published in: Internet of Vehicles – Technologies and Services
Publisher: Springer International Publishing
Activate our intelligent search to find suitable subject content or patents.
Select sections of text to find matching patents with Artificial Intelligence. powered by
Select sections of text to find additional relevant content using AI-assisted search. powered by
Drive-by downloads attack has become the primary attack vehicle for malware distribution in recent years. One existing method of detecting drive-by download attacks is using static analysis technique. However, static detection methods are vulnerable to sophisticated obfuscation and cloaking. Dynamic detection methods are proposed to overcome the shortcomings of static analysis techniques and can get a higher detection rate. But dynamic anomaly detection methods are typically resource intensive and introduce high time overhead. To improve performance of dynamic detection techniques, we designed SafeBrowingCloud, a system based on apache S4, a distributed computing platform. And the system is deployed at edge router. SafeBrowingCloud analyzes network traffic, executes webpages in firefox with modified javascript engine, abstracts javascript strings and detects shellcode with three shellcode detection methods to find malicious web pages. Experimental results show efficiency of the proposed system with the high-speed network traffic.