A Novel Approach for Detection of Malicious Websites using Machine Learning Techniques

Authors

  • Dr. Md. Sirajuddin  Professor, Head of the Department,Information Technology, Kallam Haranadha Reddy Institute of Technology, Chowdavaram, Guntur (Dt), Andhra Pradesh, India
  • B. Bhavani  B. Tech, Department of Information Technology, Kallam Haranadha Reddy Institute of Technology, Chowdavaram, Guntur(Dt), Andhra Pradesh, India
  • Y. Akshaya  B. Tech, Department of Information Technology, Kallam Haranadha Reddy Institute of Technology, Chowdavaram, Guntur(Dt), Andhra Pradesh, India
  • P. Reethika  B. Tech, Department of Information Technology, Kallam Haranadha Reddy Institute of Technology, Chowdavaram, Guntur(Dt), Andhra Pradesh, India
  • T. Sriram Reddy  B. Tech, Department of Information Technology, Kallam Haranadha Reddy Institute of Technology, Chowdavaram, Guntur(Dt), Andhra Pradesh, India

DOI:

https://doi.org/10.32628/IJSRSET231029

Keywords:

Malicious Websites, Detection, Efficiency, Effec- Tiveness

Abstract

When an unsuspecting victim visits a malicious website, it infects her machine to steal valuable information, redirects her to malicious targets, or compromises her system to launch future attacks. While current approaches have. There are still open issues in effectively and efficiently addressing: filtering of web pages from the wild, coverage of a wide range of malicious characteristics to capture the big picture, continuous evolution of web page features, systematic combination of features, semantic implications of feature values on characterizing web pages, ease and cost of flexibility and scalability of analysis and detection technology. In this position paper, we highlight our ongoing efforts towards effective and efficient analysis and detection of malicious websites, with a particular emphasis on broader feature space and attack-payloads, technique flexibility with changes in malicious characteristics and web pages, and, most importantly, technique usability in defending users against malicious websites.

References

  1. D. Canali, M. Cova, G. Vigna, and C. Kruegel, “Prophiler: a fast filter for the large-scale detection of malicious web pages,” in Proceedings of the 20th international conference on World wide web, 2011, pp. 197–206.
  2. J. Ma, S. L. K., S. Stefan, and V. G. M., “Beyond black- lists: learning to detect malicious web sites from suspicious urls,” in Proceedings of the 15th international conference on Knowledge discovery and data mining, 2009, pp. 1245–1254.
  3. M. Qassrawi and H. Zhang, “Detecting malicious web servers with honeyclients,” Journal of Networks, vol. 6, no. 1, 2011.
  4. A. Dewald, T. Holz, and F. C. Freiling, “Adsandbox: sand- boxing javascript to fight malicious websites,” in ACM Sym- posium on Applied Computing, 2010, pp. 1859–1864.
  5. G. Aggarwal, B. E., J. C., and D. Boneh, “An analysis of private browsing modes in modern browsers.” in Proceedings of the 19th USENIX conference on Security, 2010, pp. 6–6.
  6. B. S., K. S.T., M. P., and W. M., “Vex: vetting browser extensions for security vulnerabilities,” in Proceedings of the 19th USENIX conference on Security, 2010, pp. 22–22.
  7. M. Justin, S. L. K., S. Stefan, and V. G. M., “Identifying suspicious urls: an application of large-scale online learning,” in Proceedings of the 26th Annual International Conference on Machine Learning, ser. ICML ’09, 2009, pp. 681–688.
  8. H. Yung-Tsung, C. Yimeng, C. Tsuhan, L. Chi-Sung, and C. Chia-Mei, “Malicious web content detection by machine learning,” Expert Syst. Appl., vol. 37, pp. 55–60, 2010.
  9. C. Seifert, I. Welch, and P. Komisarczuk, “Identification of malicious web pages with static heuristics,” in Proceedings of the Australasian Telecommunication Networks and Appli- cations Conference, 2008.
  10. C. Marco, K. Christopher, and V. Giovanni, “Detection and analysis of drive-by-download attacks and malicious javascript code,” in Proceedings of the 19th international conference on World wide web, 2010, pp. 281–290.
  11. M. Alexander, B. Tanya, D. Damien, G. S. D., and L. H. M., “Spyproxy: execution-based detection of malicious web content,” in Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium, 2007, pp. 3:1–3:16.
  12. S. Ford, M. Cova, C. Kruegel, and G. Vigna, “Analyzing and Detecting Malicious Flash Advertisements,” in Proceedings of the Annual Computer Security Applications Conference, 2009.
  13. A. Ikinci, T. Holz, and F. Freiling, “Monkey-spider: Detect- ing malicious websites with low-interaction honeyclients,” in Proceedings of Sicherheit, Schutz und Zuverl?ssigkeit, 2008, pp. 407–421.
  14. B.-I. K., C.-T. I., and H.-C. J., “Suspicious malicious web site detection with strength analysis of a javascript obfuscation,” in International Journal of Advanced Science and Technology, 2011, pp. 19–32.
  15. R. K., K. T., and D. A., “Cujo: efficient detection and prevention of drive-by-download attacks.” in Proceedings of the 26th Annual Computer Security Applications Conference, 2010, pp. 31–39.
  16. Y.-M. W., X. J. Doug B., C. V. Roussi R., and S. T. K. Shuo C., “Automated web patrol with strider honeymonkeys: Finding web sites that exploit browser vulnerabilities.” in Proceedings of the Network and Distributed System Security Symposium, 2006.
  17. J. T. Ma, “Learning to detect malicious urls.” in PhD Disser- tation: University of California, San Diego, 2010.

International Journal of Scientific Research in Science, Engineering and Technology

Downloads

Published

2023-04-30

Issue

Volume 10, Issue 2, March-April-2023

Section

Research Articles

License

Copyright (c) IJSRSET

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

How to Cite

[1]
Dr. Md. Sirajuddin, B. Bhavani, Y. Akshaya, P. Reethika, T. Sriram Reddy "A Novel Approach for Detection of Malicious Websites using Machine Learning Techniques " International Journal of Scientific Research in Science, Engineering and Technology (IJSRSET), Print ISSN : 2395-1990, Online ISSN : 2394-4099, Volume 10, Issue 2, pp.68-74, March-April-2023. Available at doi : https://doi.org/10.32628/IJSRSET231029