Mitigating Drive-By Download Attacks: Challenges and Open Problems

被引：14

作者：

Egele, Manuel ^{[1
]}

Kirda, Engin ^{[2
]}

Kruegel, Christopher ^{[3
]}

机构：

[1] Vienna Univ Technol, Secure Syst Lab, Vienna, Austria

[2] Inst Eurecom, Biot, France

[3] Univ Calif Santa Barbara, Santa Barbara, CA USA

来源：

INETSEC 2009 - OPEN RESEARCH PROBLEMS IN NETWORK SECURITY | 2009年 / 309卷

基金：

奥地利科学基金会;

关键词：

Drive-by download attacks; browser security; malware;

D O I：

10.1007/978-3-642-05437-2_5

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Malicious web sites perform drive-by download attacks to infect their visitors with malware. Current protection approaches rely on black- or white-listing techniques that are difficult to keep up-to-date. As todays drive-by attacks already employ encryption to evade network level detection we propose a series of techniques that can be implemented in web browsers to protect the user from such threats. In addition, we discuss challenges and open problems that these mechanisms face in order to be effective and efficient.

引用

页码：52 / +

页数：3

共 50 条

[1] Prediction of drive-by download attacks on Twitter
Javed, Amir
Burnap, Pete
Rana, Omer
INFORMATION PROCESSING & MANAGEMENT, 2019, 56 (03) : 1133 - 1145
[2] Drive-By Download Attacks A Comparative Study
Sood, Aditya K.
Zeadally, Sherali
IT PROFESSIONAL, 2016, 18 (05) : 18 - 25
[3] A Visual Approach to Detecting Drive-by Download Attacks
Takada, Tetsuji
Amako, Katsuhiro
8TH INTERNATIONAL SYMPOSIUM ON VISUAL INFORMATION COMMUNICATION AND INTERACTION (VINCI 2015), 2015, : 162 - 163
[4] Efficient and effective realtime prediction of drive-by download attacks
Jayasinghe, Gaya K.
Culpepper, J. Shane
Bertok, Peter
JOURNAL OF NETWORK AND COMPUTER APPLICATIONS, 2014, 38 : 135 - 149
[5] Malicious File Hash Detection and Drive-by Download Attacks
Ghafir, Ibrahim
Prenosil, Vaclav
PROCEEDINGS OF THE SECOND INTERNATIONAL CONFERENCE ON COMPUTER AND COMMUNICATION TECHNOLOGIES, IC3T 2015, VOL 1, 2016, 379 : 661 - 669
[6] Detection of Plug in Misuse Drive-By Download Attacks Using Kernel Machines
Cherukuri, Manoj
Mukkamala, Srinivas
Shin, Dongwan
2014 INTERNATIONAL CONFERENCE ON COLLABORATIVE COMPUTING: NETWORKING, APPLICATIONS AND WORKSHARING (COLLABORATECOM), 2014, : 546 - 553
[7] MineSpider: Extracting hidden URLs behind evasive drive-by download attacks
2016, Maruzen Co., Ltd. (E99D)
[8] MineSpider: Extracting Hidden URLs Behind Evasive Drive-by Download Attacks
Takata, Yuta
Akiyama, Mitsuaki
Yagi, Takeshi
Hariu, Takeo
Goto, Shigeki
IEICE TRANSACTIONS ON INFORMATION AND SYSTEMS, 2016, E99D (04): : 860 - 872
[9] MineSpider: Extracting URLs from Environment-dependent Drive-by Download Attacks
Takata, Yuta
Akiyama, Mitsuaki
Yagi, Takeshi
Hariu, Takeo
Goto, Shigeki
39TH ANNUAL IEEE COMPUTERS, SOFTWARE AND APPLICATIONS CONFERENCE (COMPSAC 2015), VOL 2, 2015, : 444 - 449
[10] Automated Detection of Drive-by Download Attack
Kikuchi, Hiroaki
Matsumoto, Hiroaki
Ishii, Hiroshi
2015 9TH INTERNATIONAL CONFERENCE ON INNOVATIVE MOBILE AND INTERNET SERVICES IN UBIQUITOUS COMPUTING IMIS 2015, 2015, : 511 - 515

← 1 2 3 4 5 →