1. Field of the Invention
Embodiments of the present invention generally relate to computer security systems and, more particularly, to a method and apparatus for detecting malicious software transmission through a web portal.
2. Description of the Related Art
Widespread use of the Internet by small to large organization results in an increase in computer system attacks by various malicious software programs (e.g., viruses, Trojan horses, worms and/or the like). Such malicious software programs may be transmitted (e.g., through drive by download) to the computer system, without a user's consent and/or knowledge, as an executable program, as an email attachment, as malicious HTML code on a web page and/or the like.
Generally, the malicious software programs identify and target a vulnerability associated with a web portal (i.e., a web browser), a mail server, an operating system and/or the like, to access the computer system. For example, the user may utilize the web portal (e.g., an Internet Explorer, a Firefox and/or the like) to access various websites. As such, a particular malicious software program may identify and exploit the vulnerability of the web portal to exert control over the computer system. Subsequently, the malicious software programs is executed on the computer system, without the user's knowledge, in order to damage expensive computer hardware, destroy valuable data, consume limited computing resources and/or compromise sensitive information. Consequently, security of the computer system is compromised.
Currently, various security software programs (e.g., anti-virus, anti-spyware, anti-phishing software programs) are employed to detect the malicious software programs and prevent problems caused by the execution of such malicious software programs. The various security software programs may monitor a computer system for activities and/or code signatures associated with the malicious software programs and provide various remedial measures, such as quarantining, repairing or deleting infected files. However, the security software programs require a prior knowledge of known vulnerabilities, internal architecture of the web portals and the signatures of the known vulnerabilities. As a result, the security software programs protect the computer system only from known vulnerabilities and hence, fail to protect against unknown vulnerabilities.
Therefore, there is a need in the art for a method and apparatus for detecting malicious software transmission through a web portal.