Sign In

Communications of the ACM

ACM TechNews

Stopping Stealthy Downloads


SRI International and Georgia Tech researchers have developed Block All Drive-By Download Exploits (BLADE), free software that can stop Internet attacks brought on by visiting a Web site. BLADE acts by halting downloads that are initiated without the user's consent.

In 2009's fourth quarter, about 5.5 million Web pages contained software designed to install unwanted malware on visitors, according to Dasient. The researchers tested BLADE and found that it blocked all of the more than 5,150 malicious programs unleashed by the 1,205 drive-by URLs they tested. Adobe's PDF Reader accounted for more than half of the applications targeted by the drive-by exploits and Sun Microsystems' Java platform attracted about 25 percent of all drive-by attacks, with most of the remaining exploits being aimed at Adobe Flash and Internet Explorer.

Experts say that BLADE still needs to be tested in real-world settings, and SRI's Phil Porras notes that it cannot stop all Web-based malware, such as social-engineering attacks.

From Technology Review
View Full Article

 

Abstracts Copyright © 2010 Information Inc., Bethesda, Maryland, USA


 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account