Survey on Malicious URL Hitches, Propagation Mechanisms and Analysis of Classification Algorithms
Citation
Samridhi Sharma, ShabnamParveen"Survey on Malicious URL Hitches, Propagation Mechanisms and Analysis of Classification Algorithms", International Journal of Engineering Trends and Technology (IJETT), V22(4),183-187 April 2015. ISSN:2231-5381. www.ijettjournal.org. published by seventh sense research group
Abstract
MaliciousURLdetectionhas becomeincreasinglydifficult due tothe evolution ofphishingcampaignsand efforts toavoid weakeningblacklist. The existing stateof cybercrimehas allowedpiratesto hostcampaignswith smallerlifespan, which reduces the efficacy of theblacklist.Atthe same time, standardsupervised learning algorithmsare known togeneralizeinspecific patternsobserved in thetraining data,which makes thema better alternativeagainstpiracycampaigns. However, thehighly dynamic environmentof these campaignsrequiresmodelsupdatedfrequently, whichposes new challengesas mostcharacteristiclearning algorithmsaretoocomputationally exclusiveretraining. This paper surveys two contributions. Firstly it discusses the problems associated with Malicious URL and there propagation mechanism. Secondly, it provides method to detect and distinguish Malicious URL by analyzing them.For analysis Recall, Precision and F-measures matrices are used.
References
[1]. Apte, Jitendra, and Marina Lima Roesler. "Interactive multimedia advertising and electronic commerce on a hypertext network." U.S. Patent No. 7,225,142. 29 May 2007.
[2]. Ravula, Ravindar Reddy. Classification of Malware using Reverse Engineering and Data Mining Techniques. Diss. University of Akron, 2011.
[3]. "Pandalabs Q2 Report Details New Tabnabbing PhishingScam",ByPandaSecurity,http://www.pandasecurity.com/ mediacenter/news/pandalabs-q2-report-details-new-tabnabbingphishing- scam/, July 1, 2010.
[4]. Nikiforakis, Nick, Federico Maggi, GianlucaStringhini, M. ZubairRafique, WouterJoosen, Christopher Kruegel, Frank Piessens, Giovanni Vigna, and Stefano Zanero. "Stranger danger: exploring the ecosystem of ad-based URL shorteningservices." In Proceedings of the 23rd international conference on World wide web, pp. 51-62. International World Wide Web Conferences Steering Committee, 2014.
[5]. Karlof, Chris, Umesh Shankar, J. Doug Tygar, and David Wagner. "Dynamic pharming attacks and locked same-originpolicies for web browsers." In Proceedings of the 14th ACM conference on Computer and communications security, pp. 58-71. ACM, 2007.
[6]. S. Divya, "A Survey on Various Security Threats and Classification of Malware Attacks, Vulnerabilities and DetectionTechniques." International Journal of Computer Science & Applications (TIJCSA) 2, no. 04 (2013).
[7]. Yossi Spiegel, "Commercial software, adware, and consumer privacy." International Journal of Industrial Organization 31, no. 6 (2013): 702-713.
[8]. ValentinHamon, "Malicious URI resolving in PDF documents." Journal of Computer Virology and Hacking Techniques 9, no. 2 (2013): 65-76.
[9]. HodaEldardiry, Evgeniy Bart, Juan Liu, John Hanley, Bob Price, and Oliver Brdiczka. "Multi-domain informationfusion for insider threat detection." In Security and Privacy Workshops (SPW), 2013 IEEE, pp. 45-51. IEEE, 2013.
[10]. William T.Young, Henry G. Goldberg, Alex Memory, and James F. Sartain. "Use of domain knowledge to detect insiderthreats in computer activities." In Security and Privacy Workshops (SPW), 2013 IEEE, pp. 60-67. IEEE, 2013.
[11]. Neha Gupta, AnupamaAggarwal, and PonnurangamKumaraguru. "bit. ly/malicious: Deep Dive into Short URL based e-Crime Detection." In Electronic Crime Research (eCrime), 2014 APWG Symposium on, pp. 14-24. IEEE, 2014.
[12]. Luca Invernizzi et.al “EVILSEED: A Guided Approach to Finding Malicious Web Pages”,2012 IEEE 2012 IEEE Symposium on Security and Privacy
[13]. Jian Cao, Qiang Li, YuedeJi, Yukun He, and Dong Guo. "Detection of Forwarding-Based Malicious URLs in Online Social Networks." International Journal of Parallel Programming (2014): 1-18.
[14]. Da Huang, Kai Xu, and Jian Pei. "Malicious URL detection by dynamically mining patterns without pre-defined elements." World Wide Web 17, no. 6 (2014): 1375-1394
[15]. Nick Nikiforakis, Federico Maggi, GianlucaStringhini, M. ZubairRafique, WouterJoosen, Christopher Kruegel, Frank Piessens, Giovanni Vigna, and Stefano Zanero. "Stranger danger: exploring the ecosystem of ad-based URL shortening services." In Proceedings of the 23rd international conference on World wide web, pp. 51-62. International World Wide Web Conferences Steering Committee, 2014.
[16]. BirhanuEshete and V. N. Venkatakrishnan."WebWinnow: “lveraging exploit kit workflows to detect malicious urls." In Proceedings of the 4th ACM conference on Data and application security and privacy, pp. 305-312. ACM, 2014.
[17]. HeshamMekky, Ruben Torres, Zhi-Li Zhang, SabyasachiSaha, and Antonio Nucci. "Detecting malicious HTTP redirections using trees of user browsing activity." In INFOCOM, 2014 Proceedings IEEE, pp. 1159-1167. IEEE, 2014.
[18]. Karan B. Maniar ”Overview of Cyber Security” International Journal of Engineering Trends and Technology (IJETT) – Volume 15 Number 3 – Sep 2014
[19]. H. B. Kazemian and S. Ahmed. "Comparisons of machine learning techniques for detecting malicious webpages." Expert Systems with Applications 42, n o. 3 (2015): 1166-117.
Keywords
Attacks, Adware Classification, Malicious web page analysis, Malicious URLs, Machine Learning.