Identification of potential malicious web pages

Le, Van Lam, Welch, I., Gao, Xiaoying Sharon and Komisarczuk, Peter (2011) Identification of potential malicious web pages. In: 9th Australasian Information Security Conference (AISC 2011), January 2011, Perth, Australia.

Full text not available from this repository.

Abstract

Malicious web pages are an emerging security concern on
the Internet due to their popularity and their potential
serious impact. Detecting and analysing them are very
costly because of their qualities and complexities. In this
paper, we present a lightweight scoring mechanism that
uses static features to identify potential malicious pages.
This mechanism is intended as a filter that allows us to
reduce the number suspicious web pages requiring more
expensive analysis by other mechanisms that require
loading and interpretation of the web pages to determine
whether they are malicious or benign. Given its role as a
filter, our main aim is to reduce false positives while
minimising false negatives. The scoring mechanism has
been developed by identifying candidate static features of
malicious web pages that are evaluate using a feature
selection algorithm. This identifies the most appropriate
set of features that can be used to efficiently distinguish
between benign and malicious web pages. These features
are used to construct a scoring algorithm that allows us to
calculate a score for a web page’s potential maliciousness.
The main advantage of this scoring mechanism compared
to a binary classifier is the ability to make a trade-off
between accuracy and performance. This allows us to
adjust the number of web pages passed to the more
expensive analysis mechanism in order to tune overall
performance.

Item Type: Conference or Workshop Item (Paper)
Subjects: Computer science, knowledge and information systems
Depositing User: Vani Aul
Date Deposited: 21 Mar 2014 15:13
Last Modified: 10 Dec 2015 16:09
URI: http://repository.uwl.ac.uk/id/eprint/773

Actions (login required)

View Item View Item

Menu