Several DoS attacks have occurred through web browsers, not from malicious executable files. Most tools used in web attacks are downloaded malware. As the dynamic functions of HTML5 can be performed on a web browser, however, the latter can be abused as an attack tool. The features of web browser-based attacks are different from those of previous attacks, so a different detection method is needed for malicious behavior on web browsers. This paper introduces script-based attacks made through web browsers, and proposes a detection method based on a web browser's behavior.
展开▼
