JavaScript is a popular scripting language for creating dynamic and interactive web pages. Unfortunately, JavaScript also provides the ground for web-based attacks that exploit vulnerabilities in web browsers and unnoticeably infect users with malicious software. Regular security tools, such as anti-virus scanners, increasingly fail to fend off this threat, as they are unable to cope with the r...

Internet is a platform which is mostly used to spread malicious software and viruses on the network. The drive by download (DBD) is most successful and popular attack invented by web site attacker till date. Drive by download attack enables the victims to click coded malicious links and the browser will be redirected to malicious web sites to exploit vulnerabilities, and also it installs softwa...

Malware classifiers based on machine learning models have become increasingly popular. These classifiers use a combination of structural and dynamic features to detect malware in various domains, including PDF, binaries, and web pages. We propose to use genetic programming techniques to automatically generate variants of malicious web pages that evade state-ofthe-art classifiers. Our method bui...

filtering of web pages with inappropriate contents is one of the major issues in the field of intelligent network's security. having a good intelligent filtering method with high accuracy and speed is needed for any country in order to control users' access to the web. so, it has been considered by many researchers. presenting web pages in an understandable way by machines is one of the most im...

A Web Page has large amount of information including some additional contents like hyperlinks, header footer, navigational panel; advertisements which may cause the content extraction to be complicated. Page Segmentation is used to detect the noisy content block by detecting malicious URL from Web Pages. Main aim of this research is detecting malicious URL during content extraction by checking ...

The rating of web pages is an important metric that has wide applications, such as web search and malicious page detection. Existing solutions for web page rating rely on either subjective opinions or overall page relationships. In this paper, we present a new solution, SnowEye, to decide the trust rating of web pages with evidence obtained from browsers. The intuition of our approach is that u...

The increased use of the World Wide Web and JavaScript as a scripting language for Web pages have made JavaScript a popular attack vector for infecting users' machines with malware. Additionally, attackers often obfuscate their code to avoid detection, which heightens the challenge and complexity of automated defense systems. We present two analyses of malicious scripts and suggest how they cou...

Recent updates of Vulnerability reports of the Open Web Application Security Project confirm that Cross Site Scripting (XSS) is one of the most common and severe web security defects. Cross-Site Scripting occurs when an application takes data from the user and sends it back to a web browser without validation or encoding. It occurs when the web application references the user input in HTML page...