Abstrakti
We present a large-scale study of Windows freeware installers. In particular, we look for potentially unwanted programs (PUP) and other potentially unwanted modifications to the target system made by freeware installers. The analysis is based on almost 800 installers gathered from eight popular software download portals. We measure how many of them drop PUP, such as browser plugins, or make other modifications to the system. In addition to these results, we find that most installers that download executable files over the network are vulnerable to man-in-the-middle attacks, which in the worst cases may be used to execute arbitrary code with elevated privileges on the target system. Moreover, serious man-in-the-middle vulnerabilities are found in application managers provided by download portals.
| Alkuperäiskieli | Englanti |
|---|---|
| Otsikko | Secure IT Systems: 22nd Nordic Conference, NordSec 2017, Tartu, Estonia, November 8–10, 2017, Proceedings |
| Toimittajat | Helger Lipmaa, Aikaterini Mitrokotsa, Raimundas Matulevičius |
| Julkaisupaikka | Cham |
| Kustantaja | SPRINGER |
| Sivut | 209-225 |
| Sivumäärä | 17 |
| ISBN (painettu) | 978-3-319-70290-2 |
| DOI - pysyväislinkit | |
| Tila | Julkaistu - 2017 |
| OKM-julkaisutyyppi | A4 Artikkeli konferenssijulkaisuussa |
| Tapahtuma | NORDIC CONFERENCE ON SECURE IT SYSTEMS - Tartu, Viro Kesto: 8 marrask. 2017 → 10 marrask. 2017 Konferenssinumero: 22 |
Julkaisusarja
| Nimi | Lecture Notes in Computer Science |
|---|---|
| Kustantaja | Springer |
| Vuosikerta | 10674 |
| ISSN (painettu) | 0302-9743 |
| ISSN (elektroninen) | 1611-3349 |
Conference
| Conference | NORDIC CONFERENCE ON SECURE IT SYSTEMS |
|---|---|
| Lyhennettä | NordSec |
| Maa/Alue | Viro |
| Kaupunki | Tartu |
| Ajanjakso | 08/11/2017 → 10/11/2017 |