Alex Crowell, Rutgers University Computer Science and Mathematics Advisor: Prof. Danfeng Yao, Computer Science Department.


- drive-by-download: when visiting a URL causes malware to be installed on a computer
- This is a 'pull-based' attack
- Made possible by:
  - Web server security flaws
  - Browser security flaws
  - Social engineering

Video taken from:

- There are many ways to put a drive-by-download exploit online:
  - Launch your own website
  - Break into someone else's website
  - Post user-contributed content to a website
  - Use third-party online advertising
  - Use a third-party widget (e.g. a traffic counter)

From: Provos, N., McNamee, D., Mavrommatis, P., Wang, K., and Modadugu, N. The Ghost in the Browser: Analysis of Web-based Malware. In Proceedings of the first USENIX workshop on hot topics in Botnets (HotBots'07). (April 2007)

- A search of pages indexed by Google found over 3 million unique malicious URLs executing drive-by-downloads
- Distribution of malicious sites is not significantly skewed towards 'gray content'

| Measure | Value |
| --- | --- |
| Data collection period | Jan – Oct 2007 |
| Total URLs checked in-depth | 66,534,330 |
| Unique suspicious landing URLs | 3,385,889 |
| Unique malicious landing URLs | 3,417,590 |
| Unique malicious landing sites | 181,699 |
| Unique distribution sites | 9,340 |

From: Provos, N., Mavrommatis, P., Rajab, M. A., and Monrose, F. All Your iFRAMEs Point to Us. In Proceedings of the USENIX Security Symposium (July 2008)

- Most approaches to detecting drive-by-downloads focus only on the computer itself
- A lot can be seen by considering the user's input as well
- The user usually clicks a link or 'Save Target As…' before downloading an executable
- We can clearly make use of this to help create a much stronger detection method

- Taking this approach to detect drive-by-downloads, we will:
  - Check for user clicks and associate them with downloads recorded in file system data
  - If we cannot find user input to associate with a download, consider it suspicious
  - Ensure the user input is not faked by the attacker

- Will be implemented on Windows
  - Popular; most drive-by-downloads are on Windows
  - Has a convenient tool for monitoring file system events (FileMon or ProcMon)
  - Closed source; parts of the API are unavailable
- We use the Firefox extension tlogger to handle user input
- Write a program that takes the file system data from FileMon and the user action data from tlogger and flags any 'suspicious' downloads

- Authenticating the user input
  - Trusted Platform Module (TPM) can be used
- Making the input logger platform independent
- Test on both real-world techniques and synthesized ones
- Improve performance accuracy
  - Find a good tolerance for the time between user click and start of download
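
Added example (not part of the original slides or the authors' program): a minimal sketch of the correlation step described above, which pairs browser-created executables with preceding user clicks and flags the ones that have no click inside a tolerance window. The record layouts, the `flag_suspicious` name, the extension list, the sample data and the "one click justifies one download" rule are all assumptions made for illustration; real tlogger and FileMon output would need its own parsers.

```python
from datetime import datetime, timedelta

EXECUTABLE_EXT = (".exe", ".dll", ".scr", ".msi")
FMT = "%Y-%m-%d %H:%M:%S"

# Constructed sample records (simplified; not the real tlogger/FileMon formats).
CLICKS = [
    "2008-07-01 10:00:02",   # user clicks a download link
    "2008-07-01 10:05:40",   # user clicks another download link
]
FILE_EVENTS = [  # (time, process, operation, path)
    ("2008-07-01 10:00:04", "firefox.exe", "CREATE", r"C:\Downloads\setup.exe"),
    ("2008-07-01 10:05:41", "firefox.exe", "CREATE", r"C:\Temp\cache01.tmp"),
    ("2008-07-01 10:05:42", "firefox.exe", "CREATE", r"C:\Temp\a.exe"),
    ("2008-07-01 10:05:43", "firefox.exe", "CREATE", r"C:\Temp\b.exe"),
    ("2008-07-01 10:09:15", "firefox.exe", "CREATE", r"C:\Temp\upd32.exe"),
]

def flag_suspicious(clicks, file_events, tolerance_s=5, browser="firefox.exe"):
    """Return paths of executables the browser created with no unused user
    click in the preceding tolerance_s seconds."""
    unused = sorted(datetime.strptime(c, FMT) for c in clicks)
    window = timedelta(seconds=tolerance_s)
    suspicious = []
    for ts, proc, op, path in sorted(file_events):
        if proc.lower() != browser or op != "CREATE":
            continue
        if not path.lower().endswith(EXECUTABLE_EXT):
            continue  # only executable content is of interest here
        when = datetime.strptime(ts, FMT)
        # Candidate clicks: at or before the file creation, inside the window.
        match = [c for c in unused if timedelta(0) <= when - c <= window]
        if match:
            unused.remove(match[-1])   # assumption: one click justifies one download
        else:
            suspicious.append(path)
    return suspicious

if __name__ == "__main__":
    for path in flag_suspicious(CLICKS, FILE_EVENTS):
        print("SUSPICIOUS:", path)
```

Lowering `tolerance_s` flags more legitimate downloads and raising it lets more unrelated file drops hide behind a click, which is the tuning problem the last slide raises.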