Investigation and Measurement on Web-based Malware
Driven by the underground economy, cyber criminals increasingly build Web-based malware (trojan) networks on the Chinese Web to exploit the client hosts of ordinary Internet users, steal virtual assets from the compromised computers, and sell them for money. We give an overview of the Web-based malware threat on the Chinese Web, including its background, history, root causes, and technical mechanisms. We then introduce a measurement method based on client honeypots and dynamic behavior analysis, and use it to perform a sampled analysis of the most frequently visited websites on the Chinese Web. Our measurements show that about 1.49% of the examined websites have been maliciously injected with content that redirects visitors to Web-based malware networks. Tracking the confirmed malicious websites further reveals the obfuscated and immense Web-based malware networks behind them, and we present an in-depth analysis of a representative case. The measurement results and the case study confirm the prevalence of Web-based malware on the Chinese Web.
诸葛建伟 (Zhuge Jianwei)
Safety Science
computer security; trojan network measurement; client honeypot; malware; underground economy
诸葛建伟 (Zhuge Jianwei). Investigation and Measurement on Web-based Malware [EB/OL]. (2011-01-14)[2025-08-21]. http://www.paper.edu.cn/releasepaper/content/201101-761.