Manufacturing compromise: the emergence of exploit-as-a-service
ACM Conference on Computer and Communications Security, pp. 821-832, 2012.
We investigate the emergence of the exploit-as-a-service model for driveby browser compromise. In this regime, attackers pay for an exploit kit or service to do the "dirty work" of exploiting a victim's browser, decoupling the complexities of browser and plugin vulnerabilities from the challenges of generating traffic to a website under t...More
PPT (Upload PPT)