{"title":"Web恶意内容的自动轻量级检测与分类","authors":"Aziz Mohaisen","doi":"10.1109/HotWeb.2015.20","DOIUrl":null,"url":null,"abstract":"Malicious webpages are today one of the most prevalent threats in the Internet security landscape. To understand such problem, there has been several efforts of analysis, classification, and labeling of malicious webpages, ranging from the simple static techniques to the more elaborate dynamic techniques. Building on such efforts, this work summarizes our work in the design and evaluation of a system that utilizes machine learning techniques over network metadata to identify malicious webpages and classify them into broader classes of vulnerabilities. The system uses easy to interpret features, utilizes uniquely acquired dynamic network artifacts, and known labels for rendered webpages in a sandboxed environment. We report on the success (and failure) of our system, and the way forward by suggesting open directions for practical malicious web contents classification.","PeriodicalId":252318,"journal":{"name":"2015 Third IEEE Workshop on Hot Topics in Web Systems and Technologies (HotWeb)","volume":"2 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-11-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"17","resultStr":"{\"title\":\"Towards Automatic and Lightweight Detection and Classification of Malicious Web Contents\",\"authors\":\"Aziz Mohaisen\",\"doi\":\"10.1109/HotWeb.2015.20\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Malicious webpages are today one of the most prevalent threats in the Internet security landscape. To understand such problem, there has been several efforts of analysis, classification, and labeling of malicious webpages, ranging from the simple static techniques to the more elaborate dynamic techniques. Building on such efforts, this work summarizes our work in the design and evaluation of a system that utilizes machine learning techniques over network metadata to identify malicious webpages and classify them into broader classes of vulnerabilities. The system uses easy to interpret features, utilizes uniquely acquired dynamic network artifacts, and known labels for rendered webpages in a sandboxed environment. We report on the success (and failure) of our system, and the way forward by suggesting open directions for practical malicious web contents classification.\",\"PeriodicalId\":252318,\"journal\":{\"name\":\"2015 Third IEEE Workshop on Hot Topics in Web Systems and Technologies (HotWeb)\",\"volume\":\"2 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-11-12\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"17\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2015 Third IEEE Workshop on Hot Topics in Web Systems and Technologies (HotWeb)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/HotWeb.2015.20\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 Third IEEE Workshop on Hot Topics in Web Systems and Technologies (HotWeb)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/HotWeb.2015.20","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Towards Automatic and Lightweight Detection and Classification of Malicious Web Contents
Malicious webpages are today one of the most prevalent threats in the Internet security landscape. To understand such problem, there has been several efforts of analysis, classification, and labeling of malicious webpages, ranging from the simple static techniques to the more elaborate dynamic techniques. Building on such efforts, this work summarizes our work in the design and evaluation of a system that utilizes machine learning techniques over network metadata to identify malicious webpages and classify them into broader classes of vulnerabilities. The system uses easy to interpret features, utilizes uniquely acquired dynamic network artifacts, and known labels for rendered webpages in a sandboxed environment. We report on the success (and failure) of our system, and the way forward by suggesting open directions for practical malicious web contents classification.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
