I've spent some time researching the topic and the various attack vectors and opportunities that are available through browser based malware. Consequently, I submitted a paper for the Avar 2008 Conference on Browser Based Malware Attacks which will detail the research I've conducted.
Avar is the largest Asia-Pacific conference for anti-malware technologies that is being brought to Delhi, India by QuickHeal in December 08.
I have been exploring the various attack vectors through which browser based malware could exist and analyzing their impact as compared to traditional malware.

Before the days of Web 2.0, browser based malware was fairly limited to drive-by-downloads, however since the discovery of JavaScript Attacks, CSS attacks etc the field has opened up. Some of the currently seen browser-based malware techniques are as follows:
- Drive-By Downloads
- JavaScript Worms and Viruses
- CSS Attacks
- Browser Add-ons Viruses and Worms
Also considering that System based viruses and worms have are being comparitively well covered by Anti-Virus, Anti-Malware and Internet Security Products, it leaves the door wide-open for Browser Based Malware Attacks.
Through this research paper I intend to carry out a detailed analysis of browser-based malware threats and hope to dissect each threat and determine the following:
- How they work?
- What is the threat posed and possible impact?
- How they can be remediated?
- Will any current security products thwart this attack?
0 comments:
Post a Comment