Posted by Lucas Ballard and Niels Provos, Google Security Team
Trends in Circumventing Web-Malware Detection.” full report for details on our methodology and measurements. The analysis covers approximately 160 million web pages hosted on approximately 8 million sites.
Social Engineering
Number of sites distributing Social Engineering Malware and Exploits over time 
Drive-by Download Exploit Trends  
Prevalence of exploits targeting specific CVEs over time 
Increase in IP Cloaking  
Malware distributors are increasingly relying upon ‘cloaking’ as a technique to evade detection.  The concept behind cloaking is simple: serve benign content to detection systems, but serve malicious content to normal web page visitors. Over the years, we have seen more malicious sites engaging in IP cloaking. To bypass the cloaking defense, we run our scanners in different ways to mimic regular user traffic. 
Number of sites practicing IP Cloaking over time 
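As an added illustration (not from this post or the report, and not a description of how Safe Browsing works), one way a defender can look for cloaking is to fetch the same URL from a scanner vantage point and from a user-like one, then diff the content that can load or run code. The URL, hosts and both HTML bodies below are constructed sample data, and the function names are hypothetical.

```python
import hashlib
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

class ActiveContent(HTMLParser):
    """Collect the parts of a page that can load or run code."""
    def __init__(self, base_url):
        super().__init__()
        self.base, self.items, self._inline = base_url, set(), False

    def handle_starttag(self, tag, attrs):
        if tag in ("script", "iframe", "embed", "object"):
            a = dict(attrs)
            src = a.get("src") or a.get("data")
            if src:
                self.items.add((tag, urljoin(self.base, src)))
            self._inline = tag == "script" and not src

    def handle_data(self, data):
        if self._inline and data.strip():  # hash inline script bodies
            digest = hashlib.sha256(data.strip().encode()).hexdigest()[:16]
            self.items.add(("inline-script", digest))

    def handle_endtag(self, tag):
        if tag == "script":
            self._inline = False

def extract(html, base_url):
    parser = ActiveContent(base_url)
    parser.feed(html)
    parser.close()
    return parser.items

def cloaking_signal(url, scanner_html, user_html):
    """Report active content that only the user-like fetch received."""
    only_user = extract(user_html, url) - extract(scanner_html, url)
    site = urlparse(url).hostname
    hosts = {urlparse(v).hostname for t, v in only_user if t != "inline-script"}
    return {"differs": bool(only_user), "only_user": sorted(only_user),
            "offsite_hosts": sorted(h for h in hosts if h and h != site)}

# Constructed sample data: the same URL as seen from two vantage points.
URL = "http://shop.example/index.html"
COMMON = '<script src="/js/app.js"></script><script>var page = "home";</script><p>Welcome</p>'
SCANNER_VIEW = "<html><body>" + COMMON + "</body></html>"
USER_VIEW = ("<html><body>" + COMMON +
             '<iframe src="http://frames.invalid/f.html" width="0" height="0"></iframe></body></html>')

if __name__ == "__main__":
    print(cloaking_signal(URL, SCANNER_VIEW, USER_VIEW))
```

A difference between vantage points is a signal for review rather than a verdict, since ad rotation and A/B tests also change what a page serves from one fetch to the next.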
New Detection Capabilities  
Our report analyzed four years of data to uncover trends in malware distribution on the web, and it demonstrates the ongoing tension between malware distributors and malware detectors. To help protect Internet users, even those who don’t use Google, we have updated the Safe Browsing infrastructure over the years to incorporate many state-of-the-art malware detection technologies. We hope the findings outlined in this report will help other researchers in this area and raise awareness of some of the current challenges. 
 
 
 
 
3 comments:
Thanks so much for all you do. I had no idea about the behind-the-scenes work that is done to secure my internet usage. What is malware, anyway?
Is there such a thing as a "safe browsing badge" that someone can put on their website which would link to the Google Safe Browsing diagnostic page for that particular website?
It might help to answer your question if Google's Safe Browsing diagnostic page were explained. Thanks for the comment.
Meg