ADSandbox: Sandboxing JavaScript to fight Malicious Websites

Beitrag bei einer Tagung
(Originalarbeit)


Details zur Publikation

Autorinnen und Autoren: Dewald A, Holz T, Freiling F
Auflage: 1
Titel Sammelwerk: Proceedings of the ACM Symposium on Applied Computing
Jahr der Veröffentlichung: 2010
Band: SAC '10
Tagungsband: Proceedings of the 2010 ACM Symposium on Applied Computing
Seitenbereich: 1859-1864
ISBN: 978-1-60558-639-7


Abstract

We present ADSandbox, an analysis system for malicious websites that focusses on detecting attacks through JavaScript. Since, in contrast to Java, JavaScript does not have any built-in sandbox concept, the idea is to execute any embedded JavaScript within an isolated environment and log every critical action. Using heuristics on these logs, ADSandbox decides whether the site is malicious or not. In contrast to previous work, this approach combines generality with usability, since the system is executed directly on the client running the web browser before the web page is displayed. We show that we can achieve false positive rates close to 0% and false negative rates below 15% with a performance overhead of only a few seconds, what is a bit high for real time application, but supposes a great potential for future versions of our tool. © 2010 ACM.


FAU-Autorinnen und Autoren / FAU-Herausgeberinnen und Herausgeber

Dewald, Andreas Dr.-Ing.
Lehrstuhl für Informatik 1 (IT-Sicherheitsinfrastrukturen)
Freiling, Felix Prof. Dr.-Ing.
Lehrstuhl für Informatik 1 (IT-Sicherheitsinfrastrukturen)


Einrichtungen weiterer Autorinnen und Autoren

Ruhr-Universität Bochum (RUB)


Zitierweisen

APA:
Dewald, A., Holz, T., & Freiling, F. (2010). ADSandbox: Sandboxing JavaScript to fight Malicious Websites. In Proceedings of the 2010 ACM Symposium on Applied Computing (pp. 1859-1864). Sierre, Switzerland, CH.

MLA:
Dewald, Andreas, Thorsten Holz, and Felix Freiling. "ADSandbox: Sandboxing JavaScript to fight Malicious Websites." Proceedings of the ACM Symposium on Applied Computing (SAC), Sierre, Switzerland 2010. 1859-1864.

BibTeX: 

Zuletzt aktualisiert 2019-15-05 um 19:38