BLADE: An Attack-Agnostic Approach for Preventing Drive-By Malware Infections

Web-based surreptitious malware infections (i.e., drive-by downloads) have become the primary method used to deliver malicious software onto computers across the Internet. To address this threat, the authors present a browser independent operating system kernel extension designed to eliminate drive by malware installations. The BLADE (BLock All Drive-by download Exploits) system asserts that all executable files delivered through browser downloads must result from explicit user consent and transparently redirects every unconsented browser download into a non-executable secure zone on disk.