Real-Time Malicious Script Blocking Technology at the Host-Level

Due to the diversity of mobile devices, interests have been increased towards HTML5, the next generation’s web standard which pursues cross platform. To play media files or process 3D graphics in previous HTML environments, users had to install non-standard plug-ins such as Silverlight or Active X. On the other hand, HTML5 provides new tag functions of audio, video etc and new java script functions of Websocket, Geolocation API etc to substitute non-standard technologies such as Active X. To use such functions of HTML5, web browser developers are competitively applying HTML5 to their browsers, making the active conversion to HTML5 a global trend of today. Along with such trend, however, the risk of new cyber attacks taking advantage of java scripts, the key function of HTML5, is also increasing. Cyber attacks based on scripts can trigger vicious actions when the user just accesses web pages inserted with vicious scripts, and thus there are limits in detection using previous security technologies. This paper proposes a technology which collects and analyzes HTTP traffic generated through web browsers at host level to detect and block vicious scripts.