Abstract | ||
---|---|---|
Malicious web pages that use drive-by-download attacks or social engineering technique have become a popular means for compromising hosts on the Internet. To search for malicious web pages, researchers have developed a number of systems that analyze web pages for the presence of malicious code. Most of these systems use dynamic analysis. That is, the tools are quite precise, the analysis process is costly. Therefore, performing this analysis on a large-scale of web pages can be prohibitive. In this paper, we present JSPRE, an approach to search the web more efficiently for pages that are likely malicious. JSPRE proposes a malicious page collection algorithm based on guided crawling, which starts from an initial URLs of know malicious web pages. In the meanwhile, JSPRE uses static analysis techniques to quickly examine a web page for malicious content. We have implemented our approach, and we evaluated it on a large-scale dataset. The results show that JSPRE is able to identify malicious web pages more efficiently when compared to crawler-based approaches. |
Year | DOI | Venue |
---|---|---|
2018 | 10.1007/978-3-030-00021-9_52 | CLOUD COMPUTING AND SECURITY, PT VI |
Keywords | Field | DocType |
Web security, Web client side malicious script, Web crawler, Pre-filter | Internet security,World Wide Web,Crawling,Web page,Computer science,Static analysis,Social engineering (security),Web crawler,JavaScript,Distributed computing,The Internet | Conference |
Volume | ISSN | Citations |
11068 | 0302-9743 | 0 |
PageRank | References | Authors |
0.34 | 12 | 4 |
Name | Order | Citations | PageRank |
---|---|---|---|
Bingnan Hou | 1 | 0 | 0.68 |
Jiaping Yu | 2 | 0 | 0.68 |
Bixin Liu | 3 | 9 | 3.04 |
Zhiping Cai | 4 | 86 | 12.42 |