web-based malware

As a follow up to our conversation today about malware and phishing, I
thought I'd send out this Google paper on web-based malware.  It presents a
good overview of the problem and categorizes how exploits are placed on web
pages (through compromised web servers, user contributed content,
advertising and third party widgets) and how malware is installed (by luring
a user to visit a website and then exploiting browser vulnerabilities or
tricking the user to give their permission).

The Ghost In The Browser: Analysis of Web-based Malware
Niels Provos, Dean McNamee, Panayiotis Mavrommatis, Ke Wang and Nagendra
Modadugu
http://www.usenix.org/events/hotbots07/tech/full_papers/provos/provos.pdf

Received on Wednesday, 27 June 2007 22:47:23 UTC