Description: Increased built-in security and robust standard configurations have made classical operating system vulnerabilities a rare occurrence. Malware authors have been forced to switch to alternative channels to get their malicious software installed. One of the main delivery mechanisms is the “drive-by-download”: malware is placed on websites and visiting users get infected through their browser, by an attack on a vulnerability either in the browser itself or in one of the common extensions or plug-ins.
We will then investigate and compare NEPTUNE’s main strategies for the detection of malware: static analysis that applies heuristics vs. a purely behavioral model. Both methods have pros and cons, and we will demonstrate the advantages and disadvantages of each approach, discussing accuracy, complexity and performance.