VILEEAR: Detection of Drive by Download attack on Malicious Web Pages

Internet is a platform which is mostly used to spread malicious software and viruses on the network. The drive by download (DBD) is most successful and popular attack invented by web site attacker till date. Drive by download attack enables the victims to click coded malicious links and the browser will be redirected to malicious web sites to exploit vulnerabilities, and also it installs software from internet that can be harmful for victim`s machine. Script code embedded in plug-in are commonly used by attacker to execute drive-by download attack which is capable to exploit victim`s system vulnerabilities. Thus it is most challenging and important to find solutions that will detect and mitigate DBD attack. To Detect Drive by download attack is biggest challenge since there is tremendous growth of number of pages hosted on the web. So it is tedious to find small portion of malware network from web and detect whether the web page is harmful or not. In this paper we have proposed an enhanced mechanism called VILEEAR to detect Drive-by download attack. This system will locate and thoroughly analyze the web pages in malware distribution network (MDN) to detect DBD attack. The system will work like a supervised learning process for finding malicious web page in an MDN and will keep on improving the process to detect DBD attack after each iteration.