Recent popularity of interactive AJAX-based Web 2.0 applications has given rise to a new breed of security threats: JavaScript worms. We propose Spectator, the first automatic detection and containment solution for JavaScript worms. Spectator is a proxy that performs distributed data tainting by observing and tagging the traffic between the browser and the Web application. When a piece of data propagates "too far", a potential worm is reported. To prevent worm propagation, subsequent upload attempts performed by the same worm are blocked. Spectator is able to detect fast and slow moving, monomorphic and polymorphic worms with a low rate of false positives. In addition to our detection and containment solution, we propose a range of deployment models for Spectator, ranging from simple intranet-wide deployments to a scalable load-balancing scheme appropriate for large Web sites.
Ben Livshits, a researcher at MSFT, is up to some pretty cool code analysis work. Here is a sneak peek at some of their other upcoming work: Spectator: Detection and Containment of JavaScript Worms
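To make the abstract's tag-and-track idea concrete, here is a small model of the bookkeeping such a proxy could keep. It is an added example, not code from the Spectator paper or from this page. The class and function names, the threshold of three distinct clients, and the rule that an upload is attributed to tagged content the same client was served earlier are all assumptions.

```python
from collections import defaultdict

class PropagationTracker:
    """Toy bookkeeping for a tagging proxy (assumed model, not Spectator's code)."""

    def __init__(self, max_clients=3):      # assumed threshold for "too far"
        self.max_clients = max_clients
        self.next_tag = 1
        self.chain = {}                     # tag -> clients on the chain behind it
        self.root = {}                      # tag -> first tag of that chain
        self.seen = defaultdict(set)        # client -> tagged content it was served
        self.blocked = set()                # roots of chains reported as worms

    def on_download(self, client, tags):
        """A page carrying these tags was served to the client."""
        self.seen[client].update(t for t in tags if t in self.chain)

    def on_upload(self, client):
        """Tag an upload and return (tag, verdict): allow, report or block."""
        # Attribute the upload to the longest chain the client has viewed.
        cause = max(self.seen[client], key=lambda t: len(self.chain[t]), default=None)
        if cause is not None and self.root[cause] in self.blocked:
            return None, "block"            # containment of a reported chain
        tag, self.next_tag = self.next_tag, self.next_tag + 1
        prior = self.chain[cause] if cause is not None else frozenset()
        self.chain[tag] = prior | {client}  # distinct clients, so self-edits do not grow it
        self.root[tag] = tag if cause is None else self.root[cause]
        if len(self.chain[tag]) > self.max_clients:
            self.blocked.add(self.root[tag])
            return tag, "report"            # propagated too far: potential worm
        return tag, "allow"

def run_chain(tracker, clients):
    """Constructed traffic: each client views the last stored upload, then uploads."""
    verdicts, last = [], None
    for client in clients:
        if last is not None:
            tracker.on_download(client, {last})
        tag, verdict = tracker.on_upload(client)
        verdicts.append(verdict)
        if verdict == "allow":
            last = tag                      # only allowed uploads reach the site
    return verdicts

if __name__ == "__main__":
    print(run_chain(PropagationTracker(), ["u1", "u2", "u3", "u4", "u5"]))
    print(run_chain(PropagationTracker(), ["u1", "u2", "u1", "u2", "u1"]))
```

Because the verdict depends on how far content has spread rather than on what it looks like, the same bookkeeping applies whether or not the payload changes between hops. Two users editing each other's content back and forth never exceed the threshold.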