Computer Technology and Development, Issue (2): 131-135, 5. DOI: 10.3969/j.issn.1673-629X.2014.02.032
Method of Preventing Drive-by Download Attack Based on Browser Extension
Abstract
Web-based malware infection and propagation has become the main way viruses spread on the Internet, and Drive-by Download is one of the best-known methods. This paper uses a browser extension to monitor the user's file download activity and build a whitelist. In addition, a hook installed in kernel space prevents unauthorized files from executing, thereby blocking Drive-by Download attacks. A prototype, DPrevent (Drive-by Download Prevent), is implemented as a Firefox extension for the Microsoft Windows platform. Experiments show that the false positive and false negative rates of DPrevent are both zero. Because the approach is agnostic to the attack method, it can also defend against zero-day attacks. The overhead of DPrevent is almost zero, which is better than other dynamic techniques in this area.
Keywords
browser extension / Drive-by Download / Web security
Classification
Information technology and security science
Cite this article
Tian Ruizhi, Mao Bing, Xie Li. Method of Preventing Drive-by Download Attack Based on Browser Extension [J]. Computer Technology and Development, 2014, (2): 131-135, 5.
Funding
Supported by the National Natural Science Foundation of China (60773171)