A Visual Approach to Detecting Drive-by Download Attacks

Abstract

Drive-by Download(DbD) attack is one of malware infection schemes that pose a major threat to users on the Internet. The attack tends to go unnoticed by users, because, upon infection, there is almost no visible change to the screen or the computer. Moreover, infections can occur merely as a result of a user visiting a web page. The conventional approach to DbD attacks is to use anti-virus(AV) software to detect malware. However, this approach is limited, because AV software does not always correctly detect emerging malware. Therefore, we designed a network-communication visualization system to assist in the detection of DbD attacks. We expect that the proposed visualization system will successfully give an awareness to users of suspicious software downloads.