{"title":"Automated malicious advertisement detection using VirusTotal, URLVoid, and TrendMicro","authors":"Rima Masri, M. Aldwairi","doi":"10.1109/IACS.2017.7921994","DOIUrl":null,"url":null,"abstract":"The Internet economy is based on free access to content in exchange of viewing advertisements that might lead to online purchases. Advertisements represent an important source of revenue to Advertising companies. Those companies employ every possible technique and trick to maximize clicks and visits to advertisers' websites. Modern websites exchange advertisement contents from ads' providers (such as Google AdSense), which means they do not control the contents of those advertisements. Although large providers such as Google and Yahoo! are supposed to be trustworthy, ad arbitration allows them to auction of those ad slots to other providers. Therefore, web administrators cannot guarantee the source of the ads on their delegated website areas. Those advertisements contain Javascript and may redirect to malicious websites which might lead to malicious code being executed or malware being installed. This paper proposes and implements a system for automatically detecting malicious advertisements. It employs three different online malware domain detections systems (VirusTotal, URLVoid, and TrendMicro) for malicious advertisements detection purposes and reports the number of detected malicious advertisements using each system. In addition, we study the efficiency of each system by calculating the confusion matrix and accuracy. We find that URLVoid is the best in terms of accuracy (73%) because it uses a combination of well known website scanners and domain blacklists.","PeriodicalId":180504,"journal":{"name":"2017 8th International Conference on Information and Communication Systems (ICICS)","volume":"78 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"34","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 8th International Conference on Information and Communication Systems (ICICS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IACS.2017.7921994","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 34
Abstract
The Internet economy is based on free access to content in exchange of viewing advertisements that might lead to online purchases. Advertisements represent an important source of revenue to Advertising companies. Those companies employ every possible technique and trick to maximize clicks and visits to advertisers' websites. Modern websites exchange advertisement contents from ads' providers (such as Google AdSense), which means they do not control the contents of those advertisements. Although large providers such as Google and Yahoo! are supposed to be trustworthy, ad arbitration allows them to auction of those ad slots to other providers. Therefore, web administrators cannot guarantee the source of the ads on their delegated website areas. Those advertisements contain Javascript and may redirect to malicious websites which might lead to malicious code being executed or malware being installed. This paper proposes and implements a system for automatically detecting malicious advertisements. It employs three different online malware domain detections systems (VirusTotal, URLVoid, and TrendMicro) for malicious advertisements detection purposes and reports the number of detected malicious advertisements using each system. In addition, we study the efficiency of each system by calculating the confusion matrix and accuracy. We find that URLVoid is the best in terms of accuracy (73%) because it uses a combination of well known website scanners and domain blacklists.