Empirical Study Of Drive-By-Download Spyware

Author
Barwinski, Mark
Irvine, Cynthia E.
Levin, Tim E.
Date
2006-00-00
Abstract
The ability of spyware to circumvent common security practices, surreptitiously exporting confidential information to remote parties and illicitly consuming system resources, is a rising security concern in government, corporate, and home computing environments. While it is the common perception that spyware infection is the result of high-risk Internet surfing behavior, our research shows that mainstream web sites listed in popular search engines contribute to spyware infection irrespective of patch levels and despite "safe" Internet surfing practices. Experiments conducted in July of 2005 revealed the presence of spyware in several mainstream Internet sectors, as evidenced by the considerable infection of both patched and unpatched Windows XP test beds. Although the experiment emulated conservative web surfing practices by not interacting with web page links, images, or banner advertisements, spyware infection of Internet Explorer-based test beds occurred swiftly through cross-domain scripting and ActiveX exploits. As many as 71 different spyware programs were identified among 6 Internet sectors. Real estate and online ed web sites infected the test beds with as many as 14 different spyware programs, and one bank-related web site appeared to be the source of a resource-consuming dialing program. Empirical analysis suggests that spyware infection via drive-by-download attacks has thus far been unabated by security patches or even prudent web surfing behavior. At least for the moment, it appears the choice of web browser application is the single most effective measure in preventing spyware infection via drive-by-downloads.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.