Detecting Malicious Scripts in Web Contents through Remote Code Verification


The KIPS Transactions:PartC, Vol. 19, No. 1, pp. 47-54, Feb. 2012
10.3745/KIPSTC.2012.19.1.47,   PDF Download:

Abstract

Sharing cross-site resources has been adopted by many recent websites in the forms of service-mashup and social network services. In this change, exploitation of the new vulnerabilities increases, which includes inserting malicious codes into the interaction points between clients and services instead of attacking the websites directly. In this paper, we present a system model to identify malicious script codes in the web contents by means of a remote verification while the web contents downloaded from multiple trusted origins are executed in a client`s browser space. Our system classifies verification items according to the origin of request based on the information on the service code implementation and stores the verification results into three databases composed of white, gray, and black lists. Through the experimental evaluations, we have confirmed that our system provides clients with increased security by effectively detecting malicious scripts in the mashup web environment.


Statistics
Show / Hide Statistics

Statistics (Cumulative Counts from September 1st, 2017)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.


Cite this article
[IEEE Style]
J. Y. Choi, S. K. Kim, H. J. Lee, B. J. Min, "Detecting Malicious Scripts in Web Contents through Remote Code Verification," The KIPS Transactions:PartC, vol. 19, no. 1, pp. 47-54, 2012. DOI: 10.3745/KIPSTC.2012.19.1.47.

[ACM Style]
Jae Yeong Choi, Sung Ki Kim, Hyuk Jun Lee, and Byoung Joon Min. 2012. Detecting Malicious Scripts in Web Contents through Remote Code Verification. The KIPS Transactions:PartC, 19, 1, (2012), 47-54. DOI: 10.3745/KIPSTC.2012.19.1.47.