Yong-joon Lee, Defense Security Institute, Republic of Korea
Ki-hwan Kim, F1 Security, Seoul, Republic of Korea
Hwa-sung Chae, IT Nomads Co., Ltd, Republic of Korea
Trends show that there has been a huge increase in damages from malware that is hidden on websites by hackers to infect the PCs of visitors to the site. Since websites with a lot of visitors are an easy way to spread malware, attackers use these sites to spread their malware as far as possible in order to steal financial information, or to gather information about a specific user as a pre-attack step. In this research, we intend to quickly detect malware and scientifically analyze the hidden purpose of attackers through a malware detection system that uses a website sensor network.
Secure Websites, Detection of Malware on Websites, Detection of Forged Update Files
[1] K. Thomas, and D. M. Nicol, "The Koobface Botnet and the Rice of Social Malware", IEEE Int. Conf. Malicious and Unwanted Software, (2010): 63-70.
[2] Boo Joong Kang, Kyoung Soo Han, Eul Gyu Im, “Malware Current Status and Detection Technology”, Communications of the Korea Information Science Society, vol. 30, no. 1. (2012): 44-53.
[3] K. H. Lee and J. P. Park, "A Software Vulnerability Analysis System using Learning for Source Code Weakness History", Journal of The Korea Academia Industrial cooperation Society, 18 (2017), 46-52. https://doi.org/10.5762/KAIS.2017.18.11.46.
[4] JooBeom Yun, YoungJoo Shin, "MiGuard: Detecting and Guarding against Malicious Iframe through API Hooking", IEICE Electronics Express. (2011): 460-465.
[5] M. Fredrikson, S. Jha, M. Christodorescu, R. Sailer, and X. Yan, “Synthesizing Near-Optimal Malware Specifications from Suspicious Behaviors”, Proceedings of the 2010 IEEE Symposium on Security and Privacy. (2010): 45-60.
[6] Q. Miao, Y. Wang, Y. Cao, X. Zhang, and Z. Liu, “APICapture - a Tool for Monitoring the Behavior of Malware”, Proceedings of the 3rd International Conference on Advanced Computer Theory and Engineering. (2010): 390-394.
[7] S. Y. Min, C. S. Jung, K. H. Lee, E. S. Cho, T. B. Yoon and S. H. You, “Design of Comprehensive Security Vulnerability Analysis System through Efficient Inspection Method according to Necessity of Upgrading System Vulnerability”, Journal of The Korea Academia Industrial cooperation Society, 18 (2017):1-8. https://doi.org/10.5762/KAIS.2017.18.7.1.
[8] J. Lee, K. Jeong, and H. Lee, “Detecting Metamorphic Malwares using Code Graphs”, Proceedings of the 2010 ACM Symposium on Applied Computing. (2010): 1970-1977.
[9] K. Kim, and B. Moon, “Malware Detection based on Dependency Graph using Hybrid Genetic Algorithm”, Proceedings of the 12th Annual Conference on Genetic and Evolutionary Computation. (2010): 1211-1218.
[10] S. H. Oh, T. E. Kim and H. K. Kim, “Technology Analysis on Automatic Detection and Defense of SW Vulnerabilities”, Journal of The Korea Academia Industrial cooperation Society, 18 (2017), 94-103. https://doi.org/10.5762/KAIS.2017.18.11.94.
[11] Korea Information & Security Agency(KISA), October trends: Cyber Security Issue, (2013): 31-42.
[12] Korea Information & Security Agency(KISA), Recent Cyber Attack Trend, Information Sharing Seminar Report, (2014):10-18.
[13] Korea Information & Security Agency(KISA), Large-scale malicious code distribution trend analysis report, (2014):1-15.
[14] Asish Vardhan and M. Murali Krishna, “DGD: An Intrusion Detection System for Providing Security to Web Applications” Journal of Statistical Computing and Algorithm 1.1(2017): 27-32. http://dx.doi.org/10.21742/JSCA.2017.1.1.03.
[15] G Sai Asritha, “Security for files in Operating System” International Journal of Security Technology for Smart Device 3.2(2016): 1-6. http://dx.doi.org/10.21742/IJSTSD.2016.3.2.01.
[16] Lalit Mohan Joshi, and Dr. Rajendra Bharti, “A Research Paper on Online Security Issue with Data Tempering” International Journal of Security Technology for Smart Device 4.1(2017): 1-8. http://dx.doi.org/10.21742/IJSTSD.2017.4.1.01.
[17] Vempati Sudheshna, “Adhoc Network Infrastructure Security” International Journal of Wireless and Mobile Communication for Industrial Systems 3.1(2016): 21-34. http://dx.doi.org/ 10.21742/IJWMCIS.2016.3.1.03.
[18] SeongMuk, Choi, JoongHyo, Bok, HyungTaek, Lee, Jong Bae, Kim and Gwang Yong, Gim, “An Empirical Study on Crawler-based Security Control Systems” International Journal of Reliable Information and Assurance 5.2(2017): 7-12. http://dx.doi.org/10.21742/IJRIA.2017.5.2.02.
APA:
Lee, Y.-J., Kim, K.-H., & Chae, H.-S. (2019). A Study on Secure Websites using Malware Detection System. International Journal of Advanced Science and Technology (IJAST), ISSN: 2005-4238(Print); 2207-6360 (Online), NADIA, 130, 93-104. doi: 10.33832/ijast.2019.130.09.
MLA:
Lee, Yong-Joon, et al “A Study on Secure Websites using Malware Detection System.” International Journal of Advanced Science and Technology, ISSN: 2005-4238(Print); 2207-6360 (Online), NADIA, vol. 130, 2019, pp. 93-104. IJAST, http://article.nadiapub.com/IJAST/Vol130/9.html.
IEEE:
[1] Y.-J. Lee, K.-H. Kim and H.-S. Chae, “A Study on Secure Websites using Malware Detection System.” International Journal of Advanced Science and Technology (IJAST), ISSN: 2005-4238(Print); 2207-6360 (Online), NADIA, vol. 130, pp. 93-104, Sep. 2019.
IJAST aims to facilitate and support research related to advanced science and technology and the applications. Our Journal provides a chance for academic and industry professionals to discuss recent progress in the areas of advanced science and technology.
