Mitigating Drive-By Download Attacks: Challenges and Open Problems

Authors: Manuel Egele, Engin Kirda, Christopher Kruegel

DOI: 10.1007/978-3-642-05437-2_5

Keywords: Network level, Internet privacy, Browser security, Computer security, Drive-by download, Encryption, Web browser, Computer science, Malware, Download

Abstract: Malicious web sites perform drive-by download attacks to infect their visitors with malware. Current protection approaches rely on black- or white-listing techniques that are difficult to keep up-to-date. As today's drive-by attacks already employ encryption to evade network level detection we propose a series of techniques that can be implemented in web browsers to protect the user from such threats. In addition, we discuss challenges and open problems that these mechanisms face in order to be effective and efficient.

References (19)
Richard A. Kemmerer, Christopher Krügel, Giovanni Vigna, William K. Robertson. Using Generalization and Characterization Techniques in the Anomaly-based Detection of Web Attacks. Network and Distributed System Security Symposium (2006).
Panayiotis Mavrommatis, Niels Provos, Dean McNamee, Nagendra Modadugu, Ke Wang. The Ghost in the Browser: Analysis of Web-based Malware. Conference on Workshop on Hot Topics in Understanding Botnets, pp. 4-4 (2007).
Vern Paxson. Bro: A System for Detecting Network Intruders in Real-Time. Computer Networks, vol. 31, pp. 2435-2463 (1999). DOI: 10.1016/S1389-1286(99)00112-7
Mark Barwinski, Tim E. Levin, Cynthia E. Irvine. Empirical Study of Drive-by-Download Spyware. International Common Criteria Conference (2006).
Engin Kirda, Richard A. Kemmerer, Christopher Kruegel, Greg Banks, Giovanni Vigna. Behavior-based Spyware Detection. USENIX Security Symposium, pp. 19- (2006).
Gunter Ollmann, Martin May, Stefan Frei, Thomas Duebendorfer. Understanding the Web Browser Threat. ETH Zurich Tech Report (2008). DOI: 10.3929/ETHZ-A-005696265
Michalis Polychronakis, Kostas G. Anagnostakis, Evangelos P. Markatos. Emulation-based Detection of Non-self-contained Polymorphic Shellcode. Recent Advances in Intrusion Detection, pp. 87-106 (2007). DOI: 10.1007/978-3-540-74320-0_5
Martin Roesch. Snort - Lightweight Intrusion Detection for Networks. USENIX Large Installation Systems Administration Conference, pp. 229-238 (1999).
Manuel Egele, Peter Wurzinger, Christopher Kruegel, Engin Kirda. Defending Browsers against Drive-by Downloads: Mitigating Heap-Spraying Code Injection Attacks. Detection of Intrusions and Malware, and Vulnerability Assessment, pp. 88-106 (2009). DOI: 10.1007/978-3-642-02918-9_6
Michalis Polychronakis, Panayiotis Mavrommatis, Niels Provos. Ghost Turns Zombie: Exploring the Life Cycle of Web-based Malware. LEET'08 Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats, pp. 11- (2008).