Software flaws in applications such as browsers may be exploited by attackers to launch drive-by downloads (DBDs), which have become the major vector of malware infection. We describe a host-based detection approach against DBDs that correlates the behaviors of the human user with file-system activity. Our approach involves capturing the keyboard and mouse inputs of a user and correlating these input events with file-downloading events. We describe a real-time monitoring system called DeWare that is capable of accurately detecting the onset of malware infection by identifying illegal download-and-execute patterns. © 2010 Springer-Verlag.
CITATION STYLE
Xu, K., Ma, Q., & Yao, D. (2010). Detecting the onset of infection for secure hosts. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 6307 LNCS, pp. 492–493). Springer Verlag. https://doi.org/10.1007/978-3-642-15512-3_29
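The correlation described in the abstract can be illustrated with a short added example; it is not DeWare's code and not taken from the paper. The event names, the sample trace, and the 2-second input window are assumptions made here, since the abstract gives no event format or threshold.

```python
from dataclasses import dataclass

# Assumed parameter: how long after a keyboard/mouse event a download
# still counts as user-initiated. The abstract does not give a value.
INPUT_WINDOW_S = 2.0

@dataclass(frozen=True)
class Event:
    ts: float       # seconds since the start of the trace
    kind: str       # "input", "file_create" or "exec" (hypothetical names)
    path: str = ""  # file path for file_create / exec events

def find_unattended_executions(events, window=INPUT_WINDOW_S):
    """Return (path, download_ts, exec_ts) for every file that was written
    with no user input in the preceding `window` seconds and later executed."""
    last_input = None
    unattended = {}  # path -> timestamp of the download with no matching input
    alerts = []
    for ev in sorted(events, key=lambda e: e.ts):
        if ev.kind == "input":
            last_input = ev.ts
        elif ev.kind == "file_create":
            user_driven = last_input is not None and ev.ts - last_input <= window
            if user_driven:
                # A later user-driven download of the same path clears the flag.
                unattended.pop(ev.path, None)
            else:
                unattended[ev.path] = ev.ts
        elif ev.kind == "exec" and ev.path in unattended:
            alerts.append((ev.path, unattended[ev.path], ev.ts))
    return alerts

# Constructed trace: one click-driven download, one silent download that is
# executed, and one silent download that is never executed.
SAMPLE_TRACE = [
    Event(10.0, "input"),
    Event(10.4, "file_create", "/home/u/Downloads/setup.bin"),
    Event(12.0, "exec", "/home/u/Downloads/setup.bin"),
    Event(95.0, "file_create", "/tmp/cache/upd.bin"),
    Event(95.3, "exec", "/tmp/cache/upd.bin"),
    Event(200.0, "file_create", "/tmp/cache/img.tmp"),
]

if __name__ == "__main__":
    for path, dl_ts, ex_ts in find_unattended_executions(SAMPLE_TRACE):
        print(f"ALERT {path}: written at {dl_ts}s with no user input, run at {ex_ts}s")
```

Only the download-then-execute pair raises an alert; the silent write that is never executed stays pending, which keeps background cache writes from generating noise.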