Blog: Stopping Malware: BLADE Software Eliminates "Drive-By Downloads" From Malicious Websites

Stopping Malware: BLADE Software Eliminates "Drive-By Downloads" From Malicious Websites
Georgia Tech Research News (10/06/10) Abby Vogel Robinson

Georgia Tech researchers have developed Block All Drive-By Download Exploits (BLADE), a browser-independent tool that eliminates drive-by download threats. "BLADE is an effective countermeasure against all forms of drive-by download malware installs because it is vulnerability and exploit agnostic," says Georgia Tech professor Wenke Lee. In testing, BLADE blocked all drive-by malware installation attempts from the more than 1,900 malicious Web sites tested. "BLADE monitors and analyzes everything that is downloaded to a user's hard drive to cross-check whether the user authorized the computer to open, run, or store the file on the hard drive," says Georgia Tech graduate student Long Lu. Testing found that Adobe Reader, Java, and Adobe Flash were the most frequently targeted applications. "BLADE requires a user's browser to be configured to require explicit consent before executable files are downloaded, so if this option is disabled by the user, then BLADE will not be able to protect that user's Web surfing activities," Lee notes.

View Full Article