Abstract
In recent years, attacks that exploit vulnerabilities in browsers and their associated plugins have increased significantly. These attacks are often written in JavaScript and millions of URLs contain such malicious content.
Over the last several years, we have created a series of techniques designed to detect and prevent malicious software or malware. These techniques focus on detecting malware that infects web pages. Much of this research has been done in close collaboration with a major search engine, Bing, which is interested in making sure it does not present malicious results to its users, independently of the user’s browser, location, or operating system. As such, detection needs to be as general and wide-reaching as possible. While some of the techniques summarized below can be deployed within a web browser, our primary deployment model involves crawling the web in an effort to find and blacklist malicious pages.
In the rest of this paper, we will summarize three related projects: Nozzle, Zozzle, and Rozzle. Nozzle is a runtime malware detector. Zozzle is a a mostly static malware detector. Finally, Rozzle is a de-cloacking technique that amplifies both.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Curtsinger, C., Livshits, B., Zorn, B., Seifert, C.: Zozzle: Low-overhead mostly static JavaScript malware detection. In: Proceedings of the Usenix Security Symposium (August 2011)
Kolbitsch, C., Livshits, B., Zorn, B., Seifert, C.: Rozzle: De-cloaking internet malware. In: IEEE Symposium on Security and Privacy (May 2012)
Ratanaworabhan, P., Livshits, B., Zorn, B.: Nozzle: A defense against heap-spraying code injection attacks. In: Proceedings of the Usenix Security Symposium (August 2009)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Livshits, B. (2012). Finding Malware on a Web Scale. In: Kotenko, I., Skormin, V. (eds) Computer Network Security. MMM-ACNS 2012. Lecture Notes in Computer Science, vol 7531. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-33704-8_1
Download citation
DOI: https://doi.org/10.1007/978-3-642-33704-8_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-33703-1
Online ISBN: 978-3-642-33704-8
eBook Packages: Computer ScienceComputer Science (R0)