Detecting Drive-by-Download Attacks based on HTTP Context-Types

Recently, Drive-by-Download attacks have been prevailing. A user’s PC may be infected with a malware derived from tampered web pages. Malicious attackers easily construct Drive-by-Download websites using a software tool, called Exploit Kit. This paper proposes a new method for detecting Drive-by-Download attacks and preventing download of malwares. Our method is based on fine-grained analysis of Drive-by-Download attacks based on HTTP Context-Types. We also evaluate a new detection method for detecting Drive-by-Download attacks, whose effectiveness is proved by the experimental results.