Date Added: Oct 2009
During the last few years the authors have experienced a rise in malware that use so called drive-by web downloads to infect end-hosts. In response, several research efforts have proposed host-based mechanisms to prevent such attacks or to minimize their impact. These mechanisms sandbox the browser either through Virtual Machines (VMs) or via system call interposition. However, the effectiveness and usability of these techniques depend on the policies set to control either the browser's system calls or the VM's access to the host environment and the network.