The study introduces a novel approach that uses custom payloads to examine the effectiveness of manual and automated malware detection techniques. The dynamic blended approach can effectively generate attack payloads and identify vulnerabilities in a website, ultimately strengthening the security measures of the websites. This research focuses on dynamic analysis in a controlled environment while testing and analyzing SQL and XSS payloads under varying security conditions. This quantitative analysis involves crafting targeted payloads to bypass Web Application Firewall (WAF) filters and security controls, considering the detection accuracy, response times, false positives and false negatives. The study findings reveal that basic manual payloads are effective against lower security levels, while customized advanced or adaptive payloads could successfully evade detection using obfuscation or encoding techniques. Additionally, in various security constraints, time-based and error-based SQL injections demonstrated significant effectiveness in detection. Automatic scanning using OWASP ZAP identifies common vulnerabilities, but is often ineffective during complex or obfuscated injections. This research underscores the importance of hybrid or blended approaches that combine automated and customized payload techniques for the detection of advanced malware attacks to enhance web application security. This integration of custom payload design with manual and automated scanning approaches can improve detection accuracy and speed up the investigation process to mitigate zero-day vulnerabilities.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Dynamic Analysis of Malware Detection Using Customized Payloads in Web Applications: Examining The Effectiveness of Manual and Automated Approaches

  • Jiban Krisna Das,
  • Lei Chen,
  • Christopher Kadlec,
  • Atef Mohamed,
  • Yiming Ji

摘要

The study introduces a novel approach that uses custom payloads to examine the effectiveness of manual and automated malware detection techniques. The dynamic blended approach can effectively generate attack payloads and identify vulnerabilities in a website, ultimately strengthening the security measures of the websites. This research focuses on dynamic analysis in a controlled environment while testing and analyzing SQL and XSS payloads under varying security conditions. This quantitative analysis involves crafting targeted payloads to bypass Web Application Firewall (WAF) filters and security controls, considering the detection accuracy, response times, false positives and false negatives. The study findings reveal that basic manual payloads are effective against lower security levels, while customized advanced or adaptive payloads could successfully evade detection using obfuscation or encoding techniques. Additionally, in various security constraints, time-based and error-based SQL injections demonstrated significant effectiveness in detection. Automatic scanning using OWASP ZAP identifies common vulnerabilities, but is often ineffective during complex or obfuscated injections. This research underscores the importance of hybrid or blended approaches that combine automated and customized payload techniques for the detection of advanced malware attacks to enhance web application security. This integration of custom payload design with manual and automated scanning approaches can improve detection accuracy and speed up the investigation process to mitigate zero-day vulnerabilities.