Some Trends in Web Application Development
FOSE '07 2007 Future of Software Engineering
A Systematic Approach to Uncover Security Flaws in GUI Logic
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
BrowserShield: Vulnerability-driven filtering of dynamic HTML
ACM Transactions on the Web (TWEB)
Web 2.0 Creates Security Challenges
Computer
The ghost in the browser analysis of web-based malware
HotBots'07 Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets
Information Security Tech. Report
Social networks and context-aware spam
Proceedings of the 2008 ACM conference on Computer supported cooperative work
Malicious Webpage Detection by Semantics-Aware Reasoning
ISDA '08 Proceedings of the 2008 Eighth International Conference on Intelligent Systems Design and Applications - Volume 01
Collecting Internet Malware Based on Client-side Honeypot
ICYCS '08 Proceedings of the 2008 The 9th International Conference for Young Computer Scientists
Security in web 2.0 application development
Proceedings of the 10th International Conference on Information Integration and Web-based Applications & Services
Securing frame communication in browsers
Communications of the ACM - One Laptop Per Child: Vision vs. Reality
Cybercrime 2.0: When the Cloud Turns Dark
Queue - Web Security
Social Networks as an Attack Platform: Facebook Case Study
ICN '09 Proceedings of the 2009 Eighth International Conference on Networks
Identifying suspicious URLs: an application of large-scale online learning
ICML '09 Proceedings of the 26th Annual International Conference on Machine Learning
Beyond blacklists: learning to detect malicious web sites from suspicious URLs
Proceedings of the 15th ACM SIGKDD international conference on Knowledge discovery and data mining
Malicious web content detection by machine learning
Expert Systems with Applications: An International Journal
Identification of Malicious Web Pages by Inductive Learning
WISM '09 Proceedings of the International Conference on Web Information Systems and Mining
Anomaly Behavior Analysis for Web Page Inspection
NETCOM '09 Proceedings of the 2009 First International Conference on Networks & Communications
Detection and analysis of drive-by-download attacks and malicious JavaScript code
Proceedings of the 19th international conference on World wide web
| Hi-index | 0.00 |
Malicious web pages are an emerging security concern on the Internet due to their popularity and their potential serious impact. Detecting and analysing them are very costly because of their qualities and complexities. In this paper, we present a lightweight scoring mechanism that uses static features to identify potential malicious pages. This mechanism is intended as a filter that allows us to reduce the number suspicious web pages requiring more expensive analysis by other mechanisms that require loading and interpretation of the web pages to determine whether they are malicious or benign. Given its role as a filter, our main aim is to reduce false positives while minimising false negatives. The scoring mechanism has been developed by identifying candidate static features of malicious web pages that are evaluate using a feature selection algorithm. This identifies the most appropriate set of features that can be used to efficiently distinguish between benign and malicious web pages. These features are used to construct a scoring algorithm that allows us to calculate a score for a web page's potential maliciousness. The main advantage of this scoring mechanism compared to a binary classifier is the ability to make a trade-off between accuracy and performance. This allows us to adjust the number of web pages passed to the more expensive analysis mechanism in order to tune overall performance.