Abstract
While the Web provides much convenience and many people all over the world use it almost every day, it is often misused as a medium for distributing malware without users’ knowledge. Special care is particularly needed with regard to Websites that are popular with users, since their infection with malware can greatly extend the scope of any damage. Damage caused by malware can be minimized by detecting malicious sites and taking the necessary countermeasures early on. As attack techniques have been evolving, including the abuse of unknown vulnerabilities and the application of detection evasion technology, the advancement of detection technology is urgently required. Leading methods of inspecting the malware concealed in websites include low interaction Web crawling detection, which is fast but dependent upon the signature, and high interaction behavior-based detection, which offers a wide detection range and enables the detection of unknown attacks, although it is somewhat slow. This paper proposes a technology that can visit and quickly inspect large websites to more accurately detect unknown attacks and detection-evading attacks.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Jamie R (2008) Server honeypot vs. client honeypot. The Honeynet project. http://www.honeynet.org/node/158. Accessed Aug 2008
Ikinci A, Holz T, Freiling F (2008) Monkey-spider: detecting malicious websites with low-interaction honeyclients. In: Proceedings of Sicherheit, Schutz und Zuverl, April 2008
Wang Y, Beck D, Jiang X, Roussev R, Verbowski C, Chen S, King S (2006) Automated web patrol with strider honeymonkeys: finding web sites that exploit browser vulnerabilities. In: 13th annual network and distributed system security symposium. Internet Society, San Die
New Zealand Honeynet Project Capture-HPC—capture—the high interaction client honeypot. http://www.nz-honeynet.org/capture.html
Kim BI, Cheong JI, Cheong HC Study of search keyword based automatic malware collection system
Kim BI Study of automatic collection of malware distributed through SNS. ISSN 1738-611X
Acknowledgments
This research was supported by the Korea Communications Commission (KCC), Korea, under the R&D program supervised by the Korea Communications Agency (KCA)”(KCA-2012-(10912-06001)).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer Science+Business Media Dordrecht
About this paper
Cite this paper
Kim, JS., Kang, HK., Jeong, HC. (2013). Study of Behavior-Based High Speed Visit/Inspection Technology to Detect Malicious Websites. In: Kim, K., Chung, KY. (eds) IT Convergence and Security 2012. Lecture Notes in Electrical Engineering, vol 215. Springer, Dordrecht. https://doi.org/10.1007/978-94-007-5860-5_2
Download citation
DOI: https://doi.org/10.1007/978-94-007-5860-5_2
Published:
Publisher Name: Springer, Dordrecht
Print ISBN: 978-94-007-5859-9
Online ISBN: 978-94-007-5860-5
eBook Packages: EngineeringEngineering (R0)