A Large-Scale Analysis of Download Portals and Freeware Installers

Alberto Geniola, Markku Antikainen, Tuomas Aura

Research output: Chapter in Book/Report/Conference proceedingConference contributionScientificpeer-review

2 Citations (Scopus)

Abstract

We present a large-scale study of Windows freeware installers. In particular, we look for potentially unwanted programs (PUP) and other potentially unwanted modifications to the target system made by freeware installers. The analysis is based on almost 800 installers gathered from eight popular software download portals. We measure how many of them drop PUP, such as browser plugins, or make other modifications to the system. In addition to these results, we find that most installers that download executable files over the network are vulnerable to man-in-the-middle attacks, which in the worst cases may be used to execute arbitrary code with elevated privileges on the target system. Moreover, serious man-in-the-middle vulnerabilities are found in application managers provided by download portals.
Original languageEnglish
Title of host publicationSecure IT Systems: 22nd Nordic Conference, NordSec 2017, Tartu, Estonia, November 8–10, 2017, Proceedings
EditorsHelger Lipmaa, Aikaterini Mitrokotsa, Raimundas Matulevičius
Place of PublicationCham
Pages209-225
Number of pages17
DOIs
Publication statusPublished - 2017
MoE publication typeA4 Article in a conference publication
EventNordic Conference on Secure IT Systems - Tartu, Estonia
Duration: 8 Nov 201710 Nov 2017
Conference number: 22

Publication series

NameLecture Notes in Computer Science
PublisherSpringer
Volume10674
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

ConferenceNordic Conference on Secure IT Systems
Abbreviated titleNordSec
CountryEstonia
CityTartu
Period08/11/201710/11/2017

Fingerprint Dive into the research topics of 'A Large-Scale Analysis of Download Portals and Freeware Installers'. Together they form a unique fingerprint.

  • Cite this

    Geniola, A., Antikainen, M., & Aura, T. (2017). A Large-Scale Analysis of Download Portals and Freeware Installers. In H. Lipmaa, A. Mitrokotsa, & R. Matulevičius (Eds.), Secure IT Systems: 22nd Nordic Conference, NordSec 2017, Tartu, Estonia, November 8–10, 2017, Proceedings (pp. 209-225). (Lecture Notes in Computer Science; Vol. 10674). Cham. https://doi.org/10.1007/978-3-319-70290-2_13