Detecting the Onset of Infection for Secure Hosts

Executive Summary

Software flaws in applications such as a browser may be exploited by attackers to launch Drive-By-Download (DBD) attacks, which have become the major vector of malware infection. The authors describe a host-based detection approach against DBDs that correlates the behavior of the human user with file-system activity. The approach involves capturing the user's keyboard and mouse inputs and correlating these input events with file-downloading events. They describe a real-time monitoring system called DeWare that is capable of accurately detecting the onset of malware infection by identifying illegal download-and-execute patterns.

  • Format: PDF
  • Size: 49.5 KB