The IT Law Wiki

Definitions

Mobile code is

software that is transmitted from a remote system to be executed on a local system, typically without the user's explicit instruction.[1]
software programs or parts of programs obtained from remote information systems, transmitted across a network, and executed on a local information system without explicit installation or execution by the recipient.[2]
[a] program (e.g., script, macro, or other portable instruction) that can be shipped unchanged to a heterogeneous collection of platforms and executed with identical semantics.[3]

Overview

Mobile code has become a popular way of writing programs that can be used by many different operating systems and applications, such as Web browsers and e-mail clients. Although mobile code is typically benign, attackers have learned that malicious mobile code can be an effective way of attacking systems, as well as a good mechanism for transmitting viruses, worms, and Trojan horses to users' workstations.

Malicious mobile code

Malicious mobile code is software that is transmitted from a remote computer to be run on the local computer for malicious purposes, typically without the user’s explicit instruction or knowledge.[4]

Malicious mobile code differs significantly from viruses and worms in that it does not infect files or attempt to propagate itself. Instead of exploiting particular vulnerabilities, it often affects systems by taking advantage of the default privileges granted to mobile code. Popular languages for malicious mobile code include Java, ActiveX, JavaScript, and VBScript. One of the best-known examples of malicious mobile code is Nimda, which used JavaScript.

Security measures

Applications such as Web browsers and e-mail clients can be configured to permit only the required forms of mobile code (e.g., JavaScript, ActiveX, Java) and to run mobile code only from particular locations (i.e., internal websites only). This can be effective at stopping some instances of malicious mobile code, but may also impact the functionality of benign websites. Web content filtering software can also be deployed to monitor Web-related network activity and block certain types of mobile code from untrusted locations.
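The filtering decision described above can be sketched as follows. This is an added example, not part of the original article or of any product: the policy values, the `intranet.example` suffix, the function names and the type and extension mapping are all assumptions chosen for illustration.

```python
from urllib.parse import urlsplit

# Assumed policy (constructed): the only required form of mobile code is
# JavaScript, and it may be served from internal websites only.
PERMITTED_TYPES = {"javascript"}
TRUSTED_SUFFIXES = ("intranet.example",)

# Illustrative mapping from content types and file extensions to a form of
# mobile code; a real filter would maintain a fuller list.
BY_CONTENT_TYPE = {
    "text/javascript": "javascript",
    "application/javascript": "javascript",
    "text/vbscript": "vbscript",
    "application/java-archive": "java",
    "application/x-java-applet": "java",
    "application/x-oleobject": "activex",
}
BY_EXTENSION = {".js": "javascript", ".vbs": "vbscript", ".jar": "java",
                ".class": "java", ".ocx": "activex"}

def classify(url, content_type):
    """Return the form of mobile code in a response, or None if it is not one."""
    mime = content_type.split(";", 1)[0].strip().lower()
    if mime in BY_CONTENT_TYPE:
        return BY_CONTENT_TYPE[mime]
    # Fall back to the extension when the server sends a generic type.
    path = urlsplit(url).path.lower()
    for ext, kind in BY_EXTENSION.items():
        if path.endswith(ext):
            return kind
    return None

def is_trusted(url):
    """True only for a trusted suffix itself or a genuine subdomain of it."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    return any(host == s or host.endswith("." + s) for s in TRUSTED_SUFFIXES)

def decide(url, content_type):
    """Apply the policy: required forms only, and only from trusted locations."""
    kind = classify(url, content_type)
    if kind is None:
        return "allow"            # not mobile code, outside this policy
    if kind not in PERMITTED_TYPES:
        return "block:type"
    if not is_trusted(url):
        return "block:location"
    return "allow"
```

The sketch inspects whole responses only; script embedded inline in an HTML page is not classified, which is one reason such filtering stops some, but not all, instances of malicious mobile code.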

References

See also
