Conferences in Research and Practice in Information Technology
  

Online Version - Last Updated - 20 Jan 2012

 

 

Anatomy of Drive-by Download Attack

Le, V.L., Welch, I., Gao, X. and Komisarczuk, P.

    Drive-by download attacks, where web browsers are subverted by malicious content delivered by web servers, have become a common attack vector in recent years. Several methods for the detection of malicious content on web pages using data mining techniques to classify web pages as malicious or benign have been proposed in the literature. However, each proposed method uses different content features in order to do the classification, and there is a lack of high-level frameworks for comparing these methods based upon their choice of detection features. The lack of a framework makes it problematic to develop experiments to compare the effectiveness of methods based upon different selections of features. This paper presents such a framework, derived from an analysis of drive-by download attacks that focuses upon potential state changes seen when Internet browsers render HTML documents. This framework can be used to identify potential features that have not yet been exploited and to reason about the challenges of using those features in detecting drive-by download attacks.
Cite as: Le, V.L., Welch, I., Gao, X. and Komisarczuk, P. (2013). Anatomy of Drive-by Download Attack. In Proc. Information Security 2013 (AISC 2013) Adelaide, Australia. CRPIT, 138. Thomborson, C. and Parampalli, U. Eds., ACS. 49-58