Browse > Article

Technical Trends and Response Methods of Drive-by Download  

Oh, Joo-Hyung (한국인터넷진흥원)
Im, Chae-Tae (한국인터넷진흥원)
Jeong, Hyun-Cheol (한국인터넷진흥원)
Publication Information
Communications of the Korean Institute of Information Scientists and Engineers / v.28, no.11, 2010 , pp. 112-116 More about this Journal
Keywords
Citations & Related Records
연도 인용수 순위
  • Reference
1 Sina dloader class activex control's downloadandinstall' method arbirary file download vulnerability, http://www.securityfocus.com/bid/30223/info
2 MS IE daxctle.ocx KeyFrame 메소드 힙 오버플로우 취약점 분석 보고서, http://pds.nprotect.co.kr/pds/virusinfo_img/INCA_Alert%5BMS_IE_daxctle.ocx_KeyFrame_Method_Heap_Overflow%5D.pdf
3 ActiveX 취약성 공격시의 Unicode Shellcode, http://hkpco.kr/paper/ActiveX_Shellcode.pdf
4 W.G.J. Halfond and A. Orso, "Amnesia: analysis and monitoring for neutralizing sql-injection attacks", Proceedings of the 20th IEEE/ACM international Conference on Automated software engineeringm, page 174-183, 2005
5 S. Bandhakavi, P. Bisht, P. Madhusudan, and V. N. Venkatakrishnan, "Candid: preventing sql injection attacks using dynamic candidate evaluations", In CCS' 07: Proceedings of the 14th ACM conference on Computer and communications security, pages 12-24, 2007
6 MS Internet Explorer (IFRAME Tag) Buffer Overflow Exploit, http://milw0rm.com/exploits/612
7 Empirical study of drive-by-download spyware. http://cisr.nps.navy.mil/downloads/06paper_spyware.pdf
8 N. Provos, D. McNamee, P. Mavrommatis, K. Wang, and N. Modadugu, "The ghost in the browser analysis of web-based malware", HotBots'07, pages 4-10, 2007