[1] PROVOS N, MCNAMEE D, MAVROMMATIS P, et al. The ghost in the browser analysis of Web-based malware[C]//HotBots'07:Proceedings of the First Conference on First Workshop on Hot Topics in Understanding Botnets. Berkeley, CA:USENIX Association, 2007:4-4. [2] WANG Y, BECK D, JIANG X, et al. Automated Web patrol with strider honey monkeys:finding Web sites that exploit browser vulnerabilities[C]//NDSS 2006:Proceedings of the 2006 Network and Distributed System Security Symposium. Reston:The Internet Society, 2006:35-49. [3] MOSHCHUK A, BRAGIN T, GRIBBLE SD, et al. A crawler-based study of spyware on the Web[EB/OL].[2015-11-12]. http://homes.cs.washington.edu/~gribble/papers/spycrawler.pdf. [4] CPAN. Mitre honeyclient project[EB/OL].[2015-11-20]. http://search.cpan.org/~mitrehc/. [5] The Honeynet Project. Capture-HPC[EB/OL].[2015-11-20]. http://projects.honeynet.org/capture-hpc. [6] SEIFERT C, WELCH I, KOMISARCZUK P, et al. Identification of malicious Web pages with static heuristics[C]//Proceedings of the 2008 Australasian Telecommunication Networks and Applications Conference. Piscataway, NJ:IEEE, 2008:91-96. [7] CANALI D, COVA M, VIGNA G, et al. Prophiler:a fast filter for the large-scale detection of malicious Web pages[C]//WWW'11:Proceedings of the 20th International Conference on World Wide Web. New York:ACM, 2011:197-206. [8] COVA M, KRUEGEL C, VIGNA G. Detection and analysis of drive-by-download attacks and malicious JavaScript code[C]//Proceedings of the 19th International Conference on World Wide Web. New York:ACM, 2010:281-290. [9] HEIDERICH M, FROSCH T, HOLZ T. IceShield:detection and mitigation of malicious websites with a frozen DOM[C]//RAID'11:Proceedings of the 14th International Conference on Recent Advances in Intrusion Detection. Berlin:Springer, 2011:281-300. [10] LU L, YEGNESWARAN V, PORRAS P, et al. BLADE:an attack-agnostic approach for preventing drive-by malware infections[C]//Proceedings of the 17th ACM Conference on Computer and Communications Security. New York:ACM, 2010:440-450. [11] CAO Y, PAN X, CHEN Y, et al. JShield:towards complete de-obfuscation and real-time detection of complex drive-by download attacks[C]//Proceedings of the 30th Annual Computer Security Applications Conference. New York:ACM, 2014:466-475. [12] SCITOOLS TEAM. Understand? static code analysis tool[EB/OL].[2015-11-20]. https://scitools.com/. [13] W3CSCHOOL. JavaScript window location[EB/OL].[2015-11-20]. http://www.w3school.com.cn/js/js_window_location.asp. [14] W3CSCHOOL. JavaScript window history[EB/OL].[2015-11-20]. http://www.w3school.com.cn/js/js_window_history.asp. [15] 陆凌牛.HTML5和CSS3权威指南[M].2版.北京:机械工业出版社,2013:177-192.(LU L N. HTML5 and CSS3:the Definitive Guide[M]. 2nd ed. Beijing:China Machine Press, 2013:177-192.) [16] W3CSCHOOL. HTML DOM anchor object[EB/OL].[2015-11-20]. http://www.w3school.com.cn/jsref/dom_obj_anchor.asp. [17] W3CSCHOOL. HTML [EB/OL].[2015-11-20]. http://www.w3school.com.cn/tags/tag_meta.asp. [18] GOURLEY D, TOTTY B, SAYER M,等.HTTP权威指南[M].陈娟,赵振平,译.北京:人民邮电出版社,2012:64-68.(GOURLEY D, TOTTY B, SAYER M, et al. HTTP:The Definitive Guide[M]. CHEN J, ZHAO Z P, translated. Beijing:Posts and Telecom Press, 2012:64-68.) [19] QU J.用FileSystem API实现文件下载器[EB/OL].[2015-11-20]. http://imququ.com/post/a-downloader-with-filesystem-api.html.(QU J. Use FileSystem API to implement a document download machine[EB/OL].[2015-11-20]. http://imququ.com/post/a-downloader-with-filesystem-api.html.) [20] 如何利用HTML5的filesystem技术下载沙盒里的文件[EB/OL].[2015-11-20]. http://www.zhihu.com/question/21462396.(How to download file in the sand box by using filesystem API of HTML5[EB/OL].[2015-11-20]. http://www.zhihu.com/question/21462396.) [21] Gnome. the WebKitGtk+ project[EB/OL].[2015-11-20]. http://webkitgtk.org/. [22] Google. Octane-Benchmark[EB/OL].[2015-11-20]. http://octane-benchmark.googlecode.com/svn/latest/index.html. |