论文信息 - Prevention of Drive by Download Attack (URL Malware Detector)

Prevention of Drive by Download Attack (URL Malware Detector)

This paper is intended to inform the user about a software tool called ‘url malware detector’. This software will help the user avoid falling prey for drive by download attacks. This tool accepts the url as the input text in a. txt file extension. It lists the files that are downloaded in backend during the process of urlvisitization and scans them on an online malware detection tool and yield the results in a SQLite database and visualizations. The details of the malware present in those files are represented in a graphical format. It uses MD5 hash technique. The paper consists of the detailed analysis of the tool in 5 modules for more comprehensibility. This paper will be helpful for the Inquisitors who wish to learn about prevention of drive by download attacks. This will also prove to be of great importance to people who want to be equipped with the updating of latest security threats while surfing World Wide Web.

Laxmi Ahuja | Subhranil Som | Sunil Kumar Khatri | Akshay Tyagi

[1] Andreas Dewald,et al. Forschungsberichte der Fakultät IV – Elektrotechnik und Informatik C UJO : Efficient Detection and Prevention of Drive-by-Download Attacks , 2010 .

[2] Vinod Yegneswaran,et al. BLADE: an attack-agnostic approach for preventing drive-by malware infections , 2010, CCS '10.

[3] Bernard Cova,et al. Community and consumption 297 Community and consumption Towards a definition of the “ linking value ” of product or services , 2017 .

[4] Clark Thomborson,et al. Proceedings of the Eleventh Australasian Information Security Conference - Volume 138 , 2011 .

[5] Benjamin Livshits,et al. ZOZZLE: Fast and Precise In-Browser JavaScript Malware Detection , 2011, USENIX Security Symposium.

[6] P. R. Lakshmi Eswari,et al. Browser JS Guard: Detects and defends against Malicious JavaScript injection based drive by download attacks , 2014, The Fifth International Conference on the Applications of Digital Information and Web Technologies (ICADIWT 2014).

[7] Ian Welch,et al. Anatomy of Drive-by Download Attack , 2013, AISC.