참고문헌
- J. Gregoire, "JavaScript and Visual Basic Script Threats: Different scripting language for different malicious purposes," in Proc. of 18th EICAR Annual Conference, 2009.
- S. Shah, "Browser Exploits: Attacks and Defense", EUSecWest, 2008.
- M. Egele, E. Kirda and C. Kruegel, "Mitigating drive-by download attacks: Challenges and open problems," in Proc. of iNetSec 2009 - Open Research Problems in Network Security Workshop, pp.52-62, 2009.
- C. Willems, T. Holz and F. Freiling, "Toward automated dynamic malware analysis using CWSandbox," IEEE Security & Privacy, vol.5, pp.32-39, Mar.2007.
- U. Bayer, C. Kruegel and E. Kirda, "TTanalyze: A Tool for Analyzing Malware," in Proc. of 15th EICAR Annual Conference, 2006.
- Norman Sandbox, http://www.norman.com.
- VMWare, http://www.vmware.com.
- F. Bellard, "QEMU, A fast and portable dynamic translator," in Proc. of USENIX Annual Technical Conference, pp.41-46, 2005.
- Y. Wang, D. Beck, X. Jiang, R. Roussev, C. Verbowski, S. Chen and S. King, "Automated web patrol with strider HoneyMonkeys," in Proc. of Network and Distributed System Security Symposium, pp.35-49, 2006.
- COM: Component Object Model Technologies, http://www.microsoft.com/com/default.mspx
- R. Kawach, "NEPTUNE: Detecting Web-Based Malware via Browser and OS Instrumentation," Black Hat USA, 2010.
- S. Chenette, "The Ultimate Deobfuscator", ToorCon, 2008.
- K. Chellapilla and A. Maykov, "A Taxonomy of JavaScript redirection Spam," in Proc. of 3rd International Workshop on Adversarial Information Retrieval on Web, pp.81-88, 2007.
- J. Nazario, "Reverse engineering malicious JavaScript," CanSecWest, 2007.
- N. Provos, D. McNamee, P. Mavrommatis, K. Wang and N. Modadugu, "The Ghost in the browser analysis of web based malware," in Proc. of USENIX First Workshop on Hot Topics in Understanding Botnets, 2007.
- A. Ikinci, T. Holz and F. Freiling, "Monkey-Spider: Detecting malicious WebSites with low interaction Honeyclients," in Proc. of Sicherheit, Schutz und Zuverlassigkeit, 2008.
- B. Feinstein and D. Peck, "Caffeine Monkey: Automated collection, detection and analysis of malicious JavaScript," Black Hat USA, 2007.
- O. Hallaraker and G. Vigna, "Detecting malicious JavaScript code in Mozilla," in Proc. of 10th IEEE Int. Conference on Engineering of Complex Computer Systems, pp.85-94, 2005.
- A. Dewald, T. Holz, and F.C. Freiling, "ADSandbox: Sandboxing JavaScript to fight Malicious Websites", in Proc. of 25th Symposium on Applied Computing, pp. 1859-1864, 2010.
- M. Cova, C. Kruegel and G. Vigna, "Detection and analysis of drive-by-download attacks and malicious JavaScript vode," in Proc. of 19th International World Wide Web Conference, pp.281-290,2010.
- Decrypt JS, http://www.ukhoneynet.org/tools/decrypt-js/.
- Rhino: JavaScript for Java, http://www.mozilla.org/rhino/.
- NJS JavaScript Interpreter, http://sourceforget.net/projects/njs/.
- Debugging Tools for Windows, http://www.microsoft.com/whdc/devtools/debugging/default.mspx.
- Kolisar, "WhiteSpace: A Different approach to JavaScript obfuscation," DEFCON 16, 2008.
- Alexa Top 500 Sites, http://www.alexa.com/.
- Milw0rm, http://www.milw0rm.com/.
피인용 문헌
- PBDT: Python Backdoor Detection Model Based on Combined Features vol.2021, pp.None, 2012, https://doi.org/10.1155/2021/9923234