TABLE OF CONTENTS The abundance of Web sites has turned the Internet from a playground for text-obsessed geeks and academics into a multicoloured and attractive media mall where people can get information, exchange views, and do their shopping and banking. Among the side effects of the explosion in the use of the Internet and inter-connectivity levels is the proliferation of malicious software (malware) that gains access to computers via the World Wide Web (Web).
Hypertext Transfer Protocol (HTTP) and the Hypertext Markup Language (HTML) standard in combination comprise a major building block of Internet communication. It is therefore unsurprising that HTML is frequently used for distribution of malicious code, and thus, that effective blocking of malicious HTML code is becoming more important. At the same time, the increasing effectiveness of anti-virus solutions in blocking Simple Mail Transport Protocol (SMTP) threats (particularly mass mailers), means that the predominant malware deployment vector is moving from SMTP (e-mail) to HTTP (Web).
Here, Dr. Igor G. Muttik, a researcher of considerable reputation and long experience in the development and maintenance of top-flight antivirus solutions, takes an in-depth look at the Web as a vector for malware transmission, and considers technical approaches to detection, removal, and testing.
There is a significant difference between malware distributions over SMTP (e-mail) as opposed to over HTTP. From the point of view of the average computer user, e-mails are received passively, having been pushed onto their systems from afar; e-mails simply come in without any user effort...
