1x11x11x1
HomeArticlesSpyProxy: Execution-based Detection of MaliciousWeb Content

SpyProxy: Execution-based Detection of MaliciousWeb Content

by Alexander Moshchuk, Tanya Bragin, Damien Deville,Steven D. Gribble, Henry M. Levy

AUTHORS' DESCRIPTION

This paper explores the use of execution-based Web content analysis to protect users from Internet-borne malware. Many anti-malware tools use signatures to identify malware infections on a userís PC. In contrast, our approach is to render and observe active Web content in a disposable virtual machine before it reaches the userís browser, identifying and blocking pages whose behavior is suspicious. Execution-based analysis can defend against undiscovered threats and zero-day attacks. However, our approach faces challenges, such as achieving good interactive performance, and limitations, such as defending against maliciousWeb content that contains non-determinism.
Read the full article
HomeArticlesSpyProxy: Execution-based Detection of MaliciousWeb Content