DocumentCode
1592574
Title
Drive-by downloads from the trenches
Author
Harley, David ; Bureau, Pierre-Marc
Author_Institution
Res. Dept., ESET, San Diego, CA
fYear
2008
Firstpage
98
Lastpage
103
Abstract
Drive-by download is a term used to describe a download that happens without the knowledge or conscious intervention of the computer user. In computer security terms, a drive-by download is usually triggered by the exploitation of a vulnerability in an Internet browser. The file that is downloaded is usually a malicious program that installs itself on the victims computer, or is an installer for another malicious program. In this paper, we describe the problem posed by drive-by downloads from different perspectives. We also explain the difficulties of dealing with drive-by infections and propose various approaches that could solve part of the problem. Drive-by downloads are a prime example of the exponential rate at which malware infection can increase on the Internet. The primary purpose of this paper is to bring the drive-by download problem to the attention of the research community, in an effort to inspire further research initiatives in this area.
Keywords
Internet; security of data; user interfaces; Internet browser; computer security; drive-by download; malicious program; Advertising; Ash; Computer bugs; Computer security; Distributed computing; Error correction codes; Internet; Research initiatives; Software safety; Web server;
fLanguage
English
Publisher
ieee
Conference_Titel
Malicious and Unwanted Software, 2008. MALWARE 2008. 3rd International Conference on
Conference_Location
Fairfax, VI
Print_ISBN
978-1-4244-3288-2
Electronic_ISBN
978-1-4244-3289-9
Type
conf
DOI
10.1109/MALWARE.2008.4690864
Filename
4690864
Link To Document