Abstract. Software flaws in applications such as a browser may be exploited by attackers to launch drive-by-download (DBD) attacks, which have become the major vector of malware infection. We describe a host-based detection approach against DBDs that correlates the behaviors of the human user related to file systems. Our approach involves capturing the keyboard and mouse inputs of a user and correlating these input events to file-downloading events. We describe a real-time monitoring system called DeWare that is capable of accurately detecting the onset of malware infection by identifying illegal download-and-execute patterns.

An analysis of the arrival methods of the top 100 malware infecting the largest number of systems found that 53% of infections are through download [1]. In another study, 450,000 out of 4.5 million URLs were found to contain drive-by-download exploits that may be due to advertisements, third-party content, and user-contributed content [2]. Drive-by-download (DBD) attacks e...