Sign In

Communications of the ACM

ACM TechNews

Stopping Stealthy Downloads


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook

SRI International and Georgia Tech researchers have developed Block All Drive-By Download Exploits (BLADE), free software that can stop Internet attacks brought on by visiting a Web site. BLADE acts by halting downloads that are initiated without the user's consent.

In 2009's fourth quarter, about 5.5 million Web pages contained software designed to install unwanted malware on visitors, according to Dasient. The researchers tested BLADE and found that it blocked all of the more than 5,150 malicious programs unleashed by the 1,205 drive-by URLs they tested. Adobe's PDF Reader accounted for more than half of the applications targeted by the drive-by exploits and Sun Microsystems' Java platform attracted about 25 percent of all drive-by attacks, with most of the remaining exploits being aimed at Adobe Flash and Internet Explorer.

Experts say that BLADE still needs to be tested in real-world settings, and SRI's Phil Porras notes that it cannot stop all Web-based malware, such as social-engineering attacks.

From Technology Review
View Full Article

 

Abstracts Copyright © 2010 Information Inc., Bethesda, Maryland, USA


 

No entries found