本文選題：惡意網(wǎng)頁　切入點(diǎn)：惡意軟件　出處：《計(jì)算機(jī)應(yīng)用》2016年07期 　論文類型：期刊論文

【摘要】：目前,很多惡意網(wǎng)頁僅利用常規(guī)的Web編程技術(shù)使得瀏覽器自動(dòng)下載木馬等惡意軟件并誘騙用戶執(zhí)行。這種惡意行為被稱為自動(dòng)下載。瀏覽器中現(xiàn)有的防御機(jī)制并不能有效地識別這種攻擊。針對此類惡意行為,提出了一種防御方法。該方法通過監(jiān)控網(wǎng)頁中能導(dǎo)致自動(dòng)下載的操作,并在下載實(shí)際發(fā)生時(shí)判斷是否由用戶觸發(fā),來識別自動(dòng)下載行為并加以阻斷。此防御方法已經(jīng)在Web Kit Gtk+2.8.0和Chromium 38.0.2113.1兩個(gè)瀏覽器中實(shí)現(xiàn),并進(jìn)行了評估:兩個(gè)檢測防御系統(tǒng)針對現(xiàn)存的攻擊樣本均無誤報(bào)和漏報(bào),額外的性能開銷分別為1.26%和7.79%。實(shí)驗(yàn)結(jié)果表明,該方法能夠有效地監(jiān)測并阻斷自動(dòng)下載攻擊且性能開銷較小。
[Abstract]:At present, many malicious web pages using only conventional Web programming technology makes the browser automatically download Trojans and other malicious software and trick users into execution. Such malicious behavior is called automatic download. The existing defense mechanisms can not be in the browser and effectively identify this attack. For such malicious behavior, put forward a kind of Defense method. This method can to automatically download operation by monitoring the web page, and determine whether it is triggered by a user in the actual download, to identify and block the automatic download behavior. This defense method has been implemented in the Web Kit Gtk+2.8.0 and Chromium 38.0.2113.1 two browser, and were evaluated: two according to the existing attack detection and defense system samples no false positives and false negatives, an additional performance overhead is 1.26% and 7.79%. respectively. The experimental results show that this method can effectively monitor and automatically download blocking attack The performance cost is small.

【作者單位】： 中國人民大學(xué)信息學(xué)院;
【基金】：國家自然科學(xué)基金資助項(xiàng)目(61170240,91418206,61472429) 國家科技重大專項(xiàng)(2012ZX01039-004)~~
【分類號】：TP393.08

【相似文獻(xiàn)】

相關(guān)期刊論文 前3條

1 劉歡;實(shí)現(xiàn)ActiveX控件的自動(dòng)下載[J];電腦編程技巧與維護(hù);1998年11期

2 ;大蝦門診[J];計(jì)算機(jī)與網(wǎng)絡(luò);2005年11期

3 ;[J];;年期

相關(guān)重要報(bào)紙文章 前1條

1 湖南 李哲;自動(dòng)下載DIY[N];電腦報(bào);2002年

，

本文編號：1630505