Analyzing Spatial Structure of IP Addresses for Detecting Malicious Websites

Authors: Daiki Chiba, Kazuhiro Tobe, Tatsuya Mori, Shigeki Goto

DOI: 10.2197/IPSJJIP.21.539

Abstract: Web-based malware attacks have become one of the most serious threats that need to be addressed urgently. Several approaches that have attracted attention as promising ways of detecting such attacks include employing several blacklists. However, these conventional approaches often fail to detect new attacks owing to the versatility of malicious websites. Thus, it is difficult to maintain up-to-date blacklists with information for new malicious websites. To tackle this problem, this paper proposes a scheme for detecting malicious websites using the characteristics of IP addresses. Our approach leverages the empirical observation that IP addresses are more stable than other metrics such as URLs and DNS records. While the strings that form URLs or DNS records are highly variable, IP addresses are less variable, i.e., the IPv4 address space is mapped onto 4-byte strings. In this paper, a lightweight and scalable detection scheme based on machine learning techniques is developed and evaluated. The aim of this study is not to provide a single solution that effectively detects web-based malware but to develop a technique that compensates for the drawbacks of existing approaches. The effectiveness of our approach is validated by real data from traffic on a campus network. The results demonstrate that our scheme can expand the coverage/accuracy of existing blacklists and also detect unknown malicious websites that are not covered
