Mitigating Drive-By Download Attacks: Challenges and Open Problems

Authors

  • Manuel Egele
  • Engin Kirda
  • Christopher Krügel
Abstract

Malicious web sites perform drive-by download attacks to infect their visitors with malware. Current protection approaches rely on black- or whitelisting techniques that are difficult to keep up-to-date. As today's drive-by attacks already employ encryption to evade network-level detection, we propose a series of techniques that can be implemented in web browsers to protect the user from such threats. In addition, we discuss challenges and open problems that these mechanisms face in order to be effective and efficient.

Similar resources

Towards Measuring and Mitigating Social Engineering Software Download Attacks

Most modern malware infections happen through the browser, typically as the result of a drive-by or social engineering attack. While there have been numerous studies on measuring and defending against drive-by downloads, little attention has been dedicated to studying social engineering attacks. In this paper, we present the first systematic study of web-based social engineering (SE) attacks th...

Defending Browsers against Drive-by Downloads: Mitigating Heap-Spraying Code Injection Attacks

Drive-by download attacks are among the most common methods for spreading malware today. These attacks typically exploit memory corruption vulnerabilities in web browsers and browser plug-ins to execute shellcode, and in consequence, gain control of a victim’s computer. Compromised machines are then used to carry out various malicious activities, such as joining botnets, sending spam emails, or...

Drive-by Download Attacks: Effects and Detection Methods

The aim of this study is to present and analyze the problem of drive-by download attacks. Drive-by downloads have become one of the most common ways to infect a large group of unsuspected users. Attackers take full advantage of the functionality of the Internet and its dominance in various transactions of everyday life and spread malware by exploiting vulnerable systems for financial gain. Thes...

WebWitness: Investigating, Categorizing, and Mitigating Malware Download Paths

Most modern malware download attacks occur via the browser, typically due to social engineering and drive-by downloads. In this paper, we study the “origin” of malware download attacks experienced by real network users, with the objective of improving malware download defenses. Specifically, we study the web paths followed by users who eventually fall victim to different types of malware downloa...

Detection of Malicious Url Redirection and Distribution

Web-based malicious software (malware) has been increasing over the Internet. It poses threats to computer users through web sites. Computers are infected with Web-based malware by drive-by-download attacks. Drive-by-download attacks force users to download and install the Web-based malware without being aware of it. These attacks evade detection by using automatic redirections to various websi...

Publication date: 2009