{"title":"Software distribution as a malware infection vector","authors":"Felix Gröbert, A. Sadeghi, M. Winandy","doi":"10.1109/ICITST.2009.5402538","DOIUrl":null,"url":null,"abstract":"The software distribution and usage over the Internet has become an integral part of our daily life. This is an efficient way to make software widely available to users. But it bears the risk of infecting computers with malicious software since many applications are still downloaded and installed without appropriate security measures. Cyber criminals can obviously exploited this situation, but also governments intending to deploy spyware against suspects. In this paper we present an efficient mechanism as well as the corresponding reference implementation for on-the-fly infecting of executable code with malicious software. Our algorithm deploys virus infection routines and network redirection attacks without requiring to modify the application itself. This allows to even infect executables with a embedded signature when the signature is not automatically verified before execution. We briefly discuss counter-measures such as secure channels, code authentication as well as trusted virtualization that enables the isolation of untrusted downloads from trusted applications.","PeriodicalId":251169,"journal":{"name":"2009 International Conference for Internet Technology and Secured Transactions, (ICITST)","volume":"42 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2009 International Conference for Internet Technology and Secured Transactions, (ICITST)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICITST.2009.5402538","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 5
Abstract
The software distribution and usage over the Internet has become an integral part of our daily life. This is an efficient way to make software widely available to users. But it bears the risk of infecting computers with malicious software since many applications are still downloaded and installed without appropriate security measures. Cyber criminals can obviously exploited this situation, but also governments intending to deploy spyware against suspects. In this paper we present an efficient mechanism as well as the corresponding reference implementation for on-the-fly infecting of executable code with malicious software. Our algorithm deploys virus infection routines and network redirection attacks without requiring to modify the application itself. This allows to even infect executables with a embedded signature when the signature is not automatically verified before execution. We briefly discuss counter-measures such as secure channels, code authentication as well as trusted virtualization that enables the isolation of untrusted downloads from trusted applications.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
