- From: Rachna Dhamija <rachna.w3c@gmail.com>
- Date: Wed, 27 Jun 2007 15:47:12 -0700
- To: public-wsc-wg@w3.org
Received on Wednesday, 27 June 2007 22:47:23 UTC
As a follow up to our conversation today about malware and phishing, I thought I'd send out this Google paper on web-based malware. It presents a good overview of the problem and categorizes how exploits are placed on web pages (through compromised web servers, user contributed content, advertising and third party widgets) and how malware is installed (by luring a user to visit a website and then exploiting browser vulnerabilities or tricking the user to give their permission). The Ghost In The Browser: Analysis of Web-based Malware Niels Provos, Dean McNamee, Panayiotis Mavrommatis, Ke Wang and Nagendra Modadugu http://www.usenix.org/events/hotbots07/tech/full_papers/provos/provos.pdf
Received on Wednesday, 27 June 2007 22:47:23 UTC