Accession Number:

ADA439363

Title:

Taxonomy of Spyware and Empirical Study of Network Drive-By-Downloads

Descriptive Note:

Master's Thesis

Corporate Author:

NAVAL POSTGRADUATE SCHOOL MONTEREY CA

Personal Author(s):

Report Date:

2005-09-01

Pagination or Media Count:

182.0

Abstract:

Spyware has rapidly become a major security concern in government and corporate networks as well as for home computers. Spyware is able to circumvent common security practices, funneling information to remote parties and consuming system resources with impunity. This malicious software has infiltrated common search engines and Internet sectors generally considered safe. Making use of browser vulnerabilities, spyware infection is wide-spread. This thesis considers common infection vectors and reviews current definitions in arriving at an improved definition of spyware. It identifies four common activities present in all spyware which lead to multiple behavioral capabilities. An empirical analysis of network drive-by-downloads shows the presence of spyware in bank, online travel, and real estate-related Internet sectors. The impact of system security patch maintenance on spyware susceptibility, and browser differences in the context of drive-by-downloads is also presented.

Subject Categories:

  • Information Science
  • Computer Hardware
  • Computer Systems

Distribution Statement:

APPROVED FOR PUBLIC RELEASE