Name
Abstract | ||
|---|---|---|
The web is one of the most popular vectors to spread malware. Attackers lure victims to visit compromised web pages or entice them to click on malicious links. These victims are redirected to sites that exploit their browsers or trick them into installing malicious software using social engineering. In this paper, we tackle the problem of detecting malicious web pages from a novel angle. Instead of looking at particular features of a (malicious) web page, we analyze how a large and diverse set of web browsers reach these pages. That is, we use the browsers of a collection of web users to record their interactions with websites, as well as the redirections they go through to reach their final destinations. We then aggregate the different redirection chains that lead to a specific web page and analyze the characteristics of the resulting redirection graph. As we will show, these characteristics can be used to detect malicious pages. We argue that our approach is less prone to evasion than previous systems, allows us to also detect scam pages that rely on social engineering rather than only those that exploit browser vulnerabilities, and can be implemented efficiently. We developed a system, called SpiderWeb, which implements our proposed approach. We show that this system works well in detecting web pages that deliver malware. |
Year | DOI | Venue |
|---|---|---|
2013 | 10.1145/2508859.2516682 | ACM Conference on Computer and Communications Security |
Keywords | Field | DocType |
malicious web page,malicious page,web page,surfing crowd,web browser,shady path,web user,malicious software,specific web page,social engineering,different redirection chain,malicious link,malware,web pages | Same-origin policy,Static web page,Web development,Internet privacy,World Wide Web,Web page,Web threat,Computer security,Computer science,Web navigation,Client-side scripting,Web server | Conference |
Citations | PageRank | References |
43 | 1.31 | 22 |
Authors | ||
3 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| Gianluca Stringhini | 1 | 701 | 61.87 |
| Christopher Kruegel | 2 | 8799 | 516.05 |
| Giovanni Vigna | 3 | 7121 | 507.72 |