Title :
Software distribution as a malware infection vector
Author :
Grobert, F. ; Sadeghi, A.-R. ; Winandy, M.
Author_Institution :
Horst Gortz Inst. for IT Security, Ruhr-Univ. Bochum, Bochum, Germany
Abstract :
The software distribution and usage over the Internet has become an integral part of our daily life. This is an efficient way to make software widely available to users. But it bears the risk of infecting computers with malicious software since many applications are still downloaded and installed without appropriate security measures. Cyber criminals can obviously exploited this situation, but also governments intending to deploy spyware against suspects. In this paper we present an efficient mechanism as well as the corresponding reference implementation for on-the-fly infecting of executable code with malicious software. Our algorithm deploys virus infection routines and network redirection attacks without requiring to modify the application itself. This allows to even infect executables with a embedded signature when the signature is not automatically verified before execution. We briefly discuss counter-measures such as secure channels, code authentication as well as trusted virtualization that enables the isolation of untrusted downloads from trusted applications.
Keywords :
Internet; computer crime; computer viruses; digital signatures; Internet; cyber criminals; embedded signature; malicious software; malware infection vector; network redirection attacks; security measures; software distribution; spyware; virus infection routines; Application software; Communication system traffic control; Government; Internet; Law enforcement; Network servers; Open source software; Protocols; Software measurement; Telecommunication traffic;
Conference_Titel :
Internet Technology and Secured Transactions, 2009. ICITST 2009. International Conference for
Conference_Location :
London
Print_ISBN :
978-1-4244-5647-5
DOI :
10.1109/ICITST.2009.5402538
