Weaknesses in Defenses Against Web-borne Malware | AskCypert


ABSTRACT

Web-based mechanisms, often mediated by malicious JavaScript code, play an important role in malware delivery today, making defenses against web-borne malware crucial for system security. This talk explores weaknesses in existing approaches to the detection of malicious JavaScript code. These approaches generally fall into two categories: lightweight techniques focusing on syntactic features such as string obfuscation and dynamic code generation; and heavier-weight approaches that look for deeper semantic characteristics such as the presence of shellcode-like strings or execution of exploit code. We show that each of these approaches has its weaknesses, and that state-of-the-art detectors using these techniques can be defeated using cloaking techniques that combine emulation with dynamic anti-analysis checks. Our goal is to promote a discussion in the research community focusing on robust defensive techniques rather than ad-hoc solutions.