Paper Titles

A Study of Microstructure and Surface Hardness of Parts Fabricated by Laser Direct Metal Deposition Process
p.648

The Application of CPFR Model in Information System
p.652

Research on Virtual Prototyping Development of Product Information Modeling Method
p.658

The Study on Hospital Information Systems Based on Post-Relational Database
p.664

Automatic Detection System of Web-Based Malware for Management-Type SaaS
p.670

Discussions on the Potential, Function and Reconstruction Method of Landscapes in Urban Industrial Wasteland
p.675

Research of Stress Transfer Area and its Length Prediction of Single-Lap Adhesive Joint
p.680

Discussion on Influencing Factors in College Students’ Web-Based Learning of English
p.686

Effects of External Transverse Alternating Magnetic Field on the Oscillating Amplitude of Atmospheric Pressure Plasma Arc
p.692

HomeAdvanced Materials ResearchAdvanced Materials Research Vols. 129-131Automatic Detection System of Web-Based Malware...

Automatic Detection System of Web-Based Malware for Management-Type SaaS

Article Preview

Abstract:

In management-type SaaS, user must be permitted to submit tenant’s business data on the SP's server, which may be embedded by the web-based malware. In this paper, we propose the automatic detecting method of web-based malware based on behavior analysis, which can make sure to meet the SLA by detecting the web-based malware actively. First, tenant’s update is downloaded to the bastion host by the web crawler. Second, it detect the behavior that tenant’s update is opened by IE. In order to break the malicious behavior during detecting, the IE has been injected in the DLL. Last, if the sensitive operations happen, the URL is appended to the malicious address database, and at same time the system administrator is informed by the SMS. The result of test is shown that our method can detect the web-based malware accurately. It helps to improve the service level of the management-type SaaS.

You might also be interested in these eBooks

Material and Manufacturing Technology

Info:

Periodical:

Advanced Materials Research (Volumes 129-131)

Pages:

670-674

DOI:

https://doi.org/10.4028/www.scientific.net/AMR.129-131.670

Citation:

Cite this paper

Online since:

August 2010

Authors:

Xu Jing, Dong Jian He, Lin Sen Zan, Jian Liang Li, Wang Yao

Keywords:

Behavior Analysis, Management-Type SaaS, Web Crawler, Web-Based Malware

Export:

RIS, BibTeX

Price:

Permissions CCC:

Request Permissions

Permissions PLS:

Request Permissions

Сopyright:

© 2010 Trans Tech Publications Ltd. All Rights Reserved

Share:

Citation:

[1] The Force. com Multitenant Architecture, http: /www. salesforce. com /au/assets/pdf/Force. com_ Multitenancy_WP_101508. pdf, 2009, 11, 8.

[2] Curt Devlin, SaaS Capacity Planning: Transaction Cost Analysis Revisited, http: /msdn. microsoft. com/en-us/architecture/cc261632. asp x, 2009, 11, 8.

[3] CCW Research. SaaS applications in China has the 5characteristics [J]. China Computer World, 2008, 2(45): 1-2.

[4] Vidyanand Choudhary. Comparison of Software Quality Under Perpetual Licensing and Software as a Service[J]. Journal of Management Information Systems, 2007, 24(2): 141-165.

DOI: 10.2753/mis0742-1222240206

[5] Wei Sun, Kuo Zhang, Shyh-Kwei Chen, et al. Software as a Service: An Integration Perspective[C], ICSOC, Vienna, Austria, 2007, 9, LNCS, 4749/2009: 558-569.

[6] Craig D. Weissman, Steve Bobrowski. the design of the force. com multitenant internet application development platform[C], SIGMOD，Rhode Island, USA, 2009, 6, 29: 889-896.

[7] Haidong Chen. Human Resource Management System for SaaS[D], Shanghai Jiao Tong University, (2006).

[8] Jun Tang. management software for small and medium-sized firm based on SaaS[D], [Master Thesis], Xiamen University, (2008).

[9] Neils Provos, Dean McNamee, Panayioitis Mavrommatis, et al. the Ghost in the browser analysis of web-based Malware[C]. HotBots, Cambridge, USA, 2007, 4, 10, USENIX: 4-13.

[10] Jing Xu, Mao Guang-can, Tang Jing-lei. Dual-code and dual-tunnel system scheme[J]. Computer Engineering and Design, 2007, 28(15): 3764-3766.

[11] BAI He, TANG Dibin, WANG Jinlin. Research and Implementation of Distributed and Multi-topic Web Crawler System[J]. Computer Engineering, 2009, 35(19): 13-16-19.

[12] libcurl-tutorial - libcurl programming tutorial. http: /curl. haxx. se/ libcurl /c/libcurl-tutorial. html, 2009, 11, 8.

[13] State and Notifications Broker Functions, http: /msdn. microsoft. com/ en-us/library /bb154495. aspx, 2009, 11, 8.

[14] Heng Yin, Zhenkai Liang, Dawn Song. HookFinder: Identifying and Understanding Malware Hooking Behaviors[C]. NDSS, San Diego, USA, 2008, 2, 11: 1-16.

[15] PANG Li-hui. Research and Implementation of Dynamically Packing Technology for PE Files[J]. Computer Engineering, 2008, 34(19): 160-166.

[16] M. Zubair Shafiq, S. Momina Tabish, Muddassar Farooq. PE-Probe: Leveraging Packer Detection and Structural Information to Detect Malicious Portable Executables[C]. VB, Crowne Plaza Geneva, Switzerland, 2009, 9, 23: 5-10.

DOI: 10.1007/978-3-642-04342-0_7

[17] Interprocess Communications. http: /msdn. microsoft. com/en-us/ library /aa365574(VS. 85). aspx, 2009, 11, 8.