Drive-by downloads from the trenches
暂无分享,去创建一个
Drive-by download is a term used to describe a download that happens without the knowledge or conscious intervention of the computer user. In computer security terms, a drive-by download is usually triggered by the exploitation of a vulnerability in an Internet browser. The file that is downloaded is usually a malicious program that installs itself on the victims computer, or is an installer for another malicious program. In this paper, we describe the problem posed by drive-by downloads from different perspectives. We also explain the difficulties of dealing with drive-by infections and propose various approaches that could solve part of the problem. Drive-by downloads are a prime example of the exponential rate at which malware infection can increase on the Internet. The primary purpose of this paper is to bring the drive-by download problem to the attention of the research community, in an effort to inspire further research initiatives in this area.
[1] G. M.. A Budget of Paradoxes , Nature.
[2] Vern Paxson,et al. How to Own the Internet in Your Spare Time , 2002, USENIX Security Symposium.
[3] Jose Nazario,et al. Defense and Detection Strategies against Internet Worms , 2003 .
[4] Donald F. Towsley,et al. On the performance of Internet worm scanning strategies , 2006, Perform. Evaluation.
[5] W. Morain,et al. A tangled web. , 2001, Annals of plastic surgery.