자바스크립트에서 문자열 추적 그래프 기반 힙스프레이 탐지 기법
- Title
- 자바스크립트에서 문자열 추적 그래프 기반 힙스프레이 탐지 기법
- Authors
- 송재혁
- Date Issued
- 2013
- Publisher
- 포항공과대학교
- Abstract
- Heap-spray attack in JavaScript in a client browser is a serious problem since it can be used to steal information in user’s personal system or to execute a shell program for later attack. Realtime detection of heap-spray attack is not easy due to dynamic nature of javascript and monitoring overhead.In this thesis, we propose a method to detect a Heap-spray attack in JavaScript in a client browser. The proposed approach detects a Heap-spray attack in run- time. The approach is based on a string trace graph. Every string object and string operation is traced to build a graph. The graph is built based on the traced data of JavaScript string objects and the abnormal graph characteristic is used to detect Heap-spray. Our proposed scheme detects Heap-spray attack in JavaScript with low error rates and low run-time overheads. False positive rate is 0.01%. The average run-time overhead is 11.26% and the average memory use overhead is 2.35%.
- URI
- http://postech.dcollection.net/jsp/common/DcLoOrgPer.jsp?sItemId=000001627701
https://oasis.postech.ac.kr/handle/2014.oak/2002
- Article Type
- Thesis
- Files in This Item:
- There are no files associated with this item.
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.