Research Article
A Simple and Novel Technique for Counteracting Exploit Kits
@INPROCEEDINGS{10.1007/978-3-319-23829-6_19, author={Byungho Min and Vijay Varadharajan}, title={A Simple and Novel Technique for Counteracting Exploit Kits}, proceedings={International Conference on Security and Privacy in Communication Networks. 10th International ICST Conference, SecureComm 2014, Beijing, China, September 24-26, 2014, Revised Selected Papers, Part I}, proceedings_a={SECURECOMM}, year={2015}, month={11}, keywords={Exploit kit Malware Web browser security}, doi={10.1007/978-3-319-23829-6_19} }- Byungho Min
Vijay Varadharajan
Year: 2015
A Simple and Novel Technique for Counteracting Exploit Kits
SECURECOMM
Springer
DOI: 10.1007/978-3-319-23829-6_19
Abstract
Exploit kits have become a major cyber threat over the last few years. They are widely used in both massive and highly targeted cyber attack operations. The exploit kits make use of multiple exploits for major web browsers like Internet Explorer and popular browser plugins such as Adobe Flash and Reader. In this paper, a proactive approach to preventing this prevalent cyber threat from triggering their exploits is proposed. The suggested new technique called proactively protects vulnerable systems using a fundamental characteristic of the exploit kits. Specifically, it utilises of web browsers and browser plugins. is a zero-configuration solution, which means that users do not need to configure anything after installing it. In addition, it is an easy-to-employ methodology from the perspective of plugin developers. We have implemented a lightweight prototype and have shown that enabled vulnerable systems can counteract 50 real-world and one locally deployed exploit kit URLs. Tested exploit kits include popular and well-maintained ones such as Blackhole 2.0, Redkit, Sakura, Cool and Bleeding Life 2. We have also demonstrated that the false positive rate of is virtually zero, and it is robust enough to be effective against real web browser plugin scanners.
