Abstract
The Web has become a dangerous place, where simple rules of behavior no longer keep a user out of trouble. Sophisticated drive-by download attacks delivered through compromised web sites are reaching users through seemingly innocuous search engine queries. Malicious web pages are turning helpless victims into armies of bots that participate in a historically unprecedented transfer of wealth in the form of intellectual property, trade secrets, and classified information. This talk describes how this problem can be tackled from two different points of view: the identification of the web application vulnerabilities that allow for site compromise and the detection of web-based malware that attacks the users’ browsers. These two issues go hand-in-hand, and require automated approaches in order to keep up with the pace at which cybercriminals devise new ways to exploit and hijack web applications and browsers.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Vigna, G. (2013). Malware Riding Badware: Challenges in Analyzing (Malicious/Benign) Web Applications. In: Qadeer, S., Tasiran, S. (eds) Runtime Verification. RV 2012. Lecture Notes in Computer Science, vol 7687. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35632-2_19
Download citation
DOI: https://doi.org/10.1007/978-3-642-35632-2_19
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-35631-5
Online ISBN: 978-3-642-35632-2
eBook Packages: Computer ScienceComputer Science (R0)