JIPS (Çѱ¹Á¤º¸Ã³¸®ÇÐȸ)
Current Result Document :
| ÇѱÛÁ¦¸ñ(Korean Title) |
Automated Link Tracing for Classification of Malicious Websites in Malware Distribution Networks |
| ¿µ¹®Á¦¸ñ(English Title) |
Automated Link Tracing for Classification of Malicious Websites in Malware Distribution Networks |
| ÀúÀÚ(Author) |
Sang-Yong Choi
Chang Gyoon Lim
Yong-Min Kim
|
| ¿ø¹®¼ö·Ïó(Citation) |
VOL 15 NO. 01 PP. 0100 ~ 0115 (2019. 02) |
Çѱ۳»¿ë
(Korean Abstract) |
|
¿µ¹®³»¿ë
(English Abstract) |
Malicious code distribution on the Internet is one of the most critical Internet-based threats and distribution technology has evolved to bypass detection systems. As a new defense against the detection bypass technology of malicious attackers, this study proposes the automated tracing of malicious websites in a malware distribution network (MDN). The proposed technology extracts automated links and classifies websites into malicious and normal websites based on link structure. Even if attackers use a new distribution technology, website classification is possible as long as the connections are established through automated links. The use of a real web-browser and proxy server enables an adequate response to attackers¡¯ perception of analysis environments and evasion technology and prevents analysis environments from being infected by malicious code. The validity and accuracy of the proposed method for classification are verified using 20,000 links, 10,000 each from normal and malicious websites.
|
| Å°¿öµå(Keyword) |
Auto Link Tracer
Drive-by Download
Malicious Website
MDN
Real Browser and Forward Proxy
|
| ÆÄÀÏ÷ºÎ |
PDF ´Ù¿î·Îµå
|
