The World Wide Web has become an inseparable part of millions of people who use online services e.g. online banking, online shopping, social networking, e-commerce, and store and manage user sensitive information, etc. In fact, it is a popular tool for any class of user over the Internet. Rich Web based applications are available over the World Wide Web to provide such types of services. At the...

Malicious code is a way of attempting to acquire sensitive information by sending malicious code to the trustworthy entity in an electronic communication. JavaScript is the most frequently used command language in the web page environment. If the hackers misuse the JavaScript code there is a possibility of stealing the authentication and confidential information about an organization and user. ...

Web applications are most widely used technique for providing an access to online services. At the same time web applications are easiest way for vulnerable acts. When a security mechanism is failed then the user may download malicious code from a trusted web site. In this case, the malicious script is contracted to full access with all assets belonging to that legitimate web site. These types ...

The Web has evolved from a handful of static web pages to billions of dynamic and interactive web pages. This evolution has positively transformed the paradigm of communication, trading, and collaboration for the benefit of humanity. However, these invaluable benefits of the Web are shadowed by cyber-criminals who use the Web as a medium to perform malicious activities motivated by illegitimate...

introduction: the current research seeks to evaluate the framework of the mentioned endeavors through the survey of the quality of the web pages of iran's medical universities and the existence of their organizational metalinks. methods: in this descriptive study, 40 web pages of the iran's medical universities were studied. the existence of the web pages, the type of the library soft wares, th...

In this paper, we propose WebCop to identify malicious web pages and neighborhoods of malware on the internet. Using a bottom-up approach, telemetry data from commercial Anti-Malware (AM) clients running on millions of computers first identify malware distribution sites hosting malicious executables on the web. Next, traversing hyperlinks in a web graph constructed from a commercial search engi...

Facebook is the world’s largest Online Social Network, having more than 1 billion users. Like most social networks, Facebook is home to various categories of hostile entities who abuse the platform by posting malicious content. In this chapter, we identify and characterize Facebook pages that engage in spreading URLs pointing to malicious domains. We revisit the scope and definition of what is ...

High-interaction honeyclients are the tools of choice to detect malicious web pages that launch drive-by-download attacks. Unfortunately, the approach used by these tools, which, in most cases, is to identify the side-effects of a successful attack rather than the attack itself, leaves open the possibility for malicious pages to perform evasion techniques that allow one to execute an attack wit...

Client-based attacks on internet users with malicious web pages represent a serious and rising threat. Internet Browsers with enabled active content technologies such as JavaScript are vulnerable to so-called drive-by downloads. Drive-by downloads are able to automatically infect a victim's system during a single visit of a crafted web page testing various vulnerabilities and installing e.g. ma...

This research proposes and implements a heuristic model to detect client-side e-banking fraud caused by malware. Results show that the model is promising and is able to detect malicious injections from malware. To validate the developed model, an additional experiment is performed in which unknown web pages, adapted by recent malware are correctly classified based on historical, malicious pages...