Anatomy of exploit kits: preliminary analysis of exploit kits as software artefacts

Authors:
Vadim Kotov;Fabio Massacci
Affiliations:
DISI - University of Trento, Italy;DISI - University of Trento, Italy
Venue:
ESSoS'13 Proceedings of the 5th international conference on Engineering Secure Software and Systems
Year:
2013

Citing 5
Cited 1

An inquiry into the nature and causes of the wealth of internet miscreants

Proceedings of the 14th ACM conference on Computer and communications security
There is no free phish: an analysis of "free" and live phishing kits

WOOT'08 Proceedings of the 2nd conference on USENIX Workshop on offensive technologies
An analysis of underground forums

Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference
A Case Study of Intelligence-Driven Defense

IEEE Security and Privacy
Manufacturing compromise: the emergence of exploit-as-a-service

Proceedings of the 2012 ACM conference on Computer and communications security

WebWinnow: leveraging exploit kit workflows to detect malicious urls

Proceedings of the 4th ACM conference on Data and application security and privacy

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper we report a preliminary analysis of the source code of over 30 different exploit kits which are the main tool behind drive-by-download attacks. The analysis shows that exploit kits make use of a very limited number of vulnerabilities and in a rather unsophisticated fashion. Their key strength is rather their ability to support "customers" in avoiding detection, monitoring traffic, and managing exploits.