Schlumberger et al., 2012 - Google Patents
Jarhead analysis and detection of malicious java applets
Schlumberger et al., 2012
- Document ID
- 2742289546287839256
- Author
- Schlumberger J
- Kruegel C
- Vigna G
- Publication year
- Publication venue
- Proceedings of the 28th Annual Computer Security Applications Conference
Snippet
Java applets have increasingly been used as a vector to deliver drive-by download attacks that bypass the sandboxing mechanisms of the browser's Java Virtual Machine and compromise the user's environment. Unfortunately, the research community has not given to …
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/566—Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/556—Detecting local intrusion or implementing counter-measures involving covert channels, i.e. data leakage between processes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/54—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by adding security routines or objects to programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/82—Protecting input, output or interconnection devices
- G06F21/83—Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Cova et al. | | Detection and analysis of drive-by-download attacks and malicious JavaScript code |
Schlumberger et al. | | Jarhead analysis and detection of malicious java applets |
Roseline et al. | | A comprehensive survey of tools and techniques mitigating computer and mobile malware attacks |
Canfora et al. | | Leila: formal tool for identifying mobile malicious behaviour |
Xu et al. | | Jstill: mostly static detection of obfuscated malicious javascript code |
Egele et al. | | Defending browsers against drive-by downloads: Mitigating heap-spraying code injection attacks |
Kirda et al. | | Behavior-based spyware detection. |
Canali et al. | | Prophiler: a fast filter for the large-scale detection of malicious web pages |
Idika et al. | | A survey of malware detection techniques |
Carmony et al. | | Extract Me If You Can: Abusing PDF Parsers in Malware Detectors. |
Dhawan et al. | | Analyzing information flow in JavaScript-based browser extensions |
Lu et al. | | Blade: an attack-agnostic approach for preventing drive-by malware infections |
US9596255B2 (en) | | Honey monkey network exploration |
Rajab et al. | | Trends in circumventing web-malware detection |
Li et al. | | A study of malcode-bearing documents |
Xu et al. | | PlatPal: Detecting Malicious Documents with Platform Diversity |
Van Overveldt et al. | | FlashDetect: ActionScript 3 malware detection |
Veerappan et al. | | Taxonomy on malware evasion countermeasures techniques |
Cao et al. | | Jshield: towards real-time and vulnerability-based detection of polluted drive-by download attacks |
Khodayari et al. | | The great request robbery: An empirical study of client-side request hijacking vulnerabilities on the web |
de Vicente Mohino et al. | | MMALE--A Methodology for Malware Analysis in Linux Environments. |
Zhang et al. | | An execution-flow based method for detecting cross-site scripting attacks |
Jordan et al. | | Safe-pdf: Robust detection of javascript pdf malware using abstract interpretation |
Ask | | Automatic malware signature generation |
Cao | | Understanding the characteristics of invasive malware from the Google Play Store |