Drive-by Download Attacks: Effects and Detection Methods

The aim of this study is to present and analyze the problem of drive-by download attacks. Drive-by downloads have become one of the most common ways to infect a large group of unsuspected users. Attackers take full advantage of the functionality of the Internet and its dominance in various transactions of everyday life and spread malware by exploiting vulnerable systems for financial gain. These client-side attacks launched when visiting malicious web sites have become the centre of attention for security researchers and anti-virus companies. The main objective of this paper, therefore, is to understand and describe the conditions under which these attacks happen, the weaknesses that create the problem and the effects they cause on the victims' machines, in order to get deeper to the changes that occur to the system after the infection. An actual infection from malware caused by a drive-by download intends to support the last task. The study, furthermore, spreads on the main techniques known today as a detection mechanism for malicious web pages and the challenges associated with them.