Assessing Real-time Malware Threats

In recent years, distribution of malware has switched from classical channels, such as e-mail, vulnerable services, or macros in software, to a new channel, websites. Therefore one major entry point of malware - that severely reduces a user's security - is through the browser. For this reason it is essential to increase the security awareness of users and in the long-term extrapolate guidelines to decrease risk of browser-based malware infections. For this, a deeper understanding on how and how often an average user encounters malware is necessary. In this work we try to shed some light on this issue by proposing a prototypical, light-weight monitoring tool, dubbed Croft, that gathers freely given data, such as browsed URLs, workstation configuration, assumed computer skill level, occupation, gender, age, and antivirus alerts, from heterogeneous user groups in a crowdsourcing fashion.