Study finds Internet rife with attack codes

Report evaluate methods to defend against client-side attacks on web browsers

Even seemingly safe web addresses are rife with attack code aiming at vulnerable clients, according to a new study from the Honeynet Project. The study also found that methods such as blacklists can be surprisingly successful in stopping client-side attacks.

Attackers are increasingly turning to end-user systems as a way around the antivirus and firewall systems that are increasingly blocking access to traditional attack routes, according to the researchers, who hail from the US, Germany and New Zealand.

"The 'black hats' are turning to easier, unprotected attack paths to place their malware onto the end-user's machine," they said in the study, called "Know Your Enemy: Malicious Web Servers."

The researchers, using a "high-interaction" client honeypot called Capture-HPC developed by the Victoria University of Wellington, analyzed more than 300,000 addresses from around 150,000 hosts.

The study looked at various site categories, including adult, music, news, "warez," defaced, spam and addresses designed to grab traffic from users who mistype common web addresses. While some categories were more likely to contain malicious addresses than others, all contained malicious addresses, the report said.

"As in real life, some 'neighborhoods' are more risky than others, but even users that stay clear of these areas can be victimized," the report said. "Any user accessing the web is at risk."

Users can be led to malicious sites via links, typing in an address manually, mistyping an address or following search-engine results, the study said.

These results only confirm what security researchers have been saying for some time now. But the study also analyzed the effectiveness of safeguards against such infections in some detail.

The research showed that blacklists, if regularly updated, can be a surprisingly effective way of blocking malicious addresses.

The researchers also recommended regular patching, but this may not always be straightforward, since the study found a prevalence of attacks against plug-ins and non-browser applications. "Attacks also target applications that one might have not think about patching, such as Winzip," the study said.

Another technique that can block attacks would be to use a less popular browser, such as Opera, the study found. "Despite the existence of vulnerabilities, this browser didn't seem to be a target," the study said.

The data used as the basis for the study has been made available on the Honeynet Project's website.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Matthew Broersma

Techworld.com
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?