MALICIOUS URL DETECTION AND PREVENTION AT BROWSER LEVEL FRAMEWORK
International Journal of Mechanical Engineering and Technology (IJMET)
Volume 8, Issue 12, December 2017, pp , Article ID: IJMET_08_12_054
Available online at
ISSN Print: and ISSN Online:
IAEME Publication, Scopus Indexed

M. Sridevi
Research Scholar, JNTUH, Hyderabad, T.S, India

Dr K.V.N. Sunitha
Professor & Principal, BVRIT Engineering for Women, Hyderabad, T.S, India

ABSTRACT

Nowadays, the web has become very important in daily life, and with it has come a massive number of internet-related threats. Google reported that over 50 million website users were warned that the websites they visited were trying to steal information or install malicious software. Google's current blacklist has almost 70,000 sites per week. Web security has therefore become a hot topic in both research and industry, and the most popular and serious threat to web security is the drive-by-download attack. This attack happens when a victim merely visits a seemingly legitimate webpage (URL) that includes malicious JavaScript code and is automatically redirected to an exploit webpage that installs malware on the victim's computer. According to a study by Google [2], approximately 1.3% of the incoming search queries to Google's search engine return at least one malicious URL. This indicates that a significant portion of web clients can be victims of the drive-by-download attack. This paper investigates how to detect and prevent malicious URLs at the browser level with the help of online learning, one of the machine learning approaches.

Key words: Heuristic approach, URL, online learning algorithm, supervised learning.

Cite this Article: M. Sridevi and Dr K.V.N. Sunitha, Malicious URL Detection and Prevention at Browser Level Framework, International Journal of Mechanical Engineering and Technology 8(12), 2017, pp
editor@iaeme.com

1. INTRODUCTION

URL is the abbreviation of Uniform Resource Locator, which is the universal address of documents and other resources on the World Wide Web. A URL has two main components: (1) the protocol identifier, which indicates what protocol to use, and (2) the resource name, which specifies the IP address or the domain name where the resource is located.
The protocol identifier and the resource name are separated by a colon and two forward slashes. An example is shown in Figure 1. Compromised URLs that are used for cyber-attacks are known as malicious URLs. In fact, it was observed that close to one-third of all websites are potentially malicious [2], demonstrating rampant use of malicious

Figure 1 Illustration of a URL

The most common method used by antivirus groups to detect malicious URLs is the blacklist method. Blacklists are essentially databases of URLs that have been confirmed to be malicious in the past. The database is compiled over time, as and when it becomes known that a URL is malicious. Such a technique is fast, because it needs only a simple lookup, and is therefore very easy to implement. Additionally, such a method would (intuitively) have a very low false-positive rate (although it was reported that blacklisting often suffers from non-trivial false-positive rates [3]). However, it is almost impossible to maintain an exhaustive list of malicious URLs, especially since new URLs are generated every day.

Attackers use creative techniques to evade blacklists and fool users by changing the URL to "appear" legitimate via obfuscation. Garera et al. [4] identified four types of obfuscation: obfuscating the host with an IP, obfuscating the host with another domain, obfuscating the host with large hostnames, and misspelling. All of these try to hide the malicious intentions of the website by masking the malicious URL. Recently, with the increasing popularity of URL shortening services, hiding the malicious URL behind a short URL has become a new and widespread obfuscation technique [5], [6]. Once the URLs appear legitimate and users visit them, an attack can be launched. This is often done by malicious code embedded into the JavaScript.
Often the attackers will also try to obfuscate the code to prevent signature-based tools from identifying it. Attackers use several other simple techniques to evade blacklists, including fast-flux, in which proxies are automatically generated to host the web page, and algorithmic generation of new URLs. Furthermore, attackers can frequently launch more than one attack, which modifies the attack signature and makes it undetectable by tools that focus on specific signatures. Blacklisting methods thus have major drawbacks, and it appears almost trivial to bypass them, mainly because blacklists are useless for making predictions on new URLs.

To address these issues, we turn to machine learning techniques for malicious URL detection. Machine learning approaches use a set of URLs as training data and, based on its statistical properties, learn a prediction function that classifies a URL as malicious or benign. This gives them the ability to generalize to new URLs, unlike blacklisting methods.
2. DATASET COLLECTION

The essential requirement for training machine learning models is the presence of training data. In the context of malicious URL detection, this corresponds to a large set of URLs. Machine learning can broadly be classified into supervised, unsupervised, and semi-supervised learning, depending on the training data.

After the training data is collected, the next step is to extract informative features that sufficiently describe the URL and, at the same time, can be interpreted mathematically by machine learning models. Features are extracted in two ways: lexical features (i.e., URL information) and host-based features (WHOIS info).

The first key step is to convert a URL u into a feature vector x, where several types of information can be considered and different techniques can be used. Unlike learning the prediction model, this part cannot be directly computed by a mathematical function (not for most of it). Using domain knowledge and related expertise, a feature representation is constructed by crawling all relevant information about the URL. This ranges from lexical information (length of the URL, the words used in the URL, etc.) to host-based information (WHOIS info, IP address, location, etc.). Once the information is gathered, it is processed to be stored in a feature vector: numerical features can be stored in x as is, and identity-related information or lexical features are usually stored through a binarization or bag-of-words (BoW) approach. Based on the type of information used, the vector $x_t$ generated from a URL is a $d$-dimensional vector, where $d$ can be less than 100 or can be in the order of millions.

Figure 2 Data collection process

3. MALICIOUS URL DETECTION

In this section, we present the main principles used by researchers to solve the problem of malicious URL detection, followed by validating it as a machine learning task.

3.1. Principles of Detecting Malicious URLs

Several methods have been attempted to tackle the problem of malicious URL detection. According to their fundamental principles, these methods can be broadly grouped into two major categories: (i) blacklisting or heuristics, and (ii) machine learning approaches.
3.2. Blacklisting or Heuristic Approaches

Blacklisting is a conventional and classical technique for detecting malicious URLs, in which a list of URLs known to be malicious is maintained. Whenever a new URL is visited, a database lookup is performed. If the URL is present in the blacklist, it is considered malicious and a warning is generated; otherwise it is assumed to be benign. Blacklisting suffers from the inability to maintain an exhaustive list of all possible malicious URLs, as new URLs can easily be generated daily, which makes it impossible to detect new threats [21]. This is of particularly critical concern when attackers generate new URLs algorithmically and can thus bypass all blacklists. Despite the several problems faced by blacklisting [3], its simplicity and efficiency mean that it continues to be one of the most commonly used techniques in many anti-virus systems today.

Heuristic approaches [7] are extensions of blacklist-based methods, in which the idea is to create a "blacklist of signatures." Common attacks are identified and, based on their behaviors, a signature is assigned to each attack type. Intrusion Detection Systems can scan web pages for such signatures and raise a flag if suspicious behavior is found. These methods have better generalization capabilities than blacklisting, as they can detect threats in new URLs as well. However, such methods can be designed for only a limited number of common threats and cannot generalize to all types of (novel) attacks. Moreover, using obfuscation techniques, it is not difficult to bypass them.
A more specific version of heuristic approaches is through analysis of the execution dynamics of the webpage.

3.3. Machine learning approaches

Figure 3 A framework for Malicious URL Detection using Machine Learning

These approaches try to analyze the information of a URL and its corresponding websites or web pages by extracting good feature representations of URLs and training a prediction model on training data of both malicious and benign URLs. Two types of features can be used: static features and dynamic features. In static analysis, we analyze a webpage based on information available without executing the URL (i.e., executing JavaScript or other code) [8]. The features extracted include lexical features from the URL string, information about the host, and sometimes even HTML and JavaScript content. Since no execution is required, these methods are safer than the dynamic approaches. The underlying assumption is that the distribution of these features is different for malicious and benign URLs. Using this distribution information, a prediction model can be built that makes predictions on new URLs. Due to the relatively safer environment for extracting important information, and the ability to generalize to all types of threats (not just common ones which have to be defined by a signature), static analysis techniques have been extensively explored by applying machine learning techniques.

4. MACHINE LEARNING ALGORITHMS FOR MALICIOUS URL DETECTION

After converting URLs into feature vectors, many of these learning algorithms can be applied to train a predictive model in a relatively straightforward manner. However, to efficiently solve the problem, some efforts have also been explored in devising specific learning algorithms learning algorithms that have been applied for this task, and even suggest suitable machine learning technologies that can be used to solve particular challenges encountered

4.1. Online learning Algorithms

Although batch learning algorithms are standard and easy to use, they can suffer from several major limitations when dealing with real-world malicious URL detection tasks: due to the expensive retraining cost, batch learning algorithms often do not update the model frequently, which makes it difficult for them to capture emerging threats in a timely way. To address these limitations, online learning algorithms have been emerging as a promising direction for resolving malicious URL detection tasks.

Online Learning

Online learning denotes a family of efficient and accessible learning algorithms that learn from sequentially collected data. Consider malicious URL detection: we are given a sequence of $T$ labeled instances, denoted by $D = \{(x_1, y_1), \ldots, (x_T, y_T)\}$, where $x_t$ denotes the URL's feature representation and $y_t \in \{-1, +1\}$ is the class label. $y_t = +1$ denotes a malicious URL, and $y_t = -1$ denotes a benign URL. At each iteration $t$, the algorithm makes a prediction $f(x_t) = \operatorname{sign}(w \cdot x_t)$, where $w$ is a $d$-dimensional weight vector initialized to $0$ at $t = 0$. After the prediction, the true class label $y_t$ is revealed to the learner, and based on the loss suffered, the learner updates the model to improve future predictions.
The general framework of an online learning algorithm is outlined in Algorithm.

Online learning algorithms are frequently much more scalable than traditional batch learning algorithms. Both learning and prediction are computationally very efficient, which makes these algorithms especially suitable for malicious URL detection tasks with increasingly large amounts of training data, where batch learning algorithms may suffer from expensive retraining and high memory and computational requirements. Online learning algorithms are often developed with strong theoretical guarantees, such that under mild assumptions they can asymptotically learn prediction models as good as those of the batch algorithms.
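The predict-then-update loop described above, combined with the lexical feature extraction from Section 2, is sketched below. This is an added example, not code from the paper: the perceptron update is used as one member of the online learning family (the paper does not name a specific update rule), and the feature names, the URL stream and its labels are constructed for illustration.

```python
"""Added example: online perceptron over lexical URL features (constructed data)."""
import ipaddress
import re
from urllib.parse import urlsplit

TOKEN = re.compile(r"[a-z0-9]+")


def host_is_ip(host):
    """True when the host part is a literal IP address instead of a name."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def extract_features(url):
    """Convert a URL u into a sparse feature vector x ({feature name: value})."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    x = {"bias": 1.0}
    # Numerical features are stored as is (scaled to roughly [0, 1]).
    x["num:url_len"] = min(len(url), 200) / 200.0
    x["num:host_labels"] = min(host.count(".") + 1, 10) / 10.0
    if host_is_ip(host):
        x["flag:host_is_ip"] = 1.0           # host replaced by an IP address
    else:
        for tok in TOKEN.findall(host):      # binarized bag-of-words: host
            x["host:" + tok] = 1.0
    for tok in TOKEN.findall((parts.path + " " + parts.query).lower()):
        x["path:" + tok] = 1.0               # binarized bag-of-words: path
    return x


class OnlinePerceptron:
    """w starts at 0; predict f(x_t) = sign(w . x_t); update only on a mistake."""

    def __init__(self):
        self.w = {}  # sparse weights; the dimension d grows as new tokens appear

    def score(self, x):
        return sum(self.w.get(name, 0.0) * value for name, value in x.items())

    def predict(self, x):
        # sign(0) is treated as -1 (benign), so the all-zero model flags nothing.
        return 1 if self.score(x) > 0 else -1

    def learn(self, x, y):
        """Predict first, then see the true label y and update. Returns the prediction."""
        y_hat = self.predict(x)
        if y_hat != y:
            for name, value in x.items():
                self.w[name] = self.w.get(name, 0.0) + y * value
        return y_hat


# Constructed labelled stream (+1 malicious, -1 benign). Hosts use reserved
# example domains, the .invalid TLD and documentation IP ranges only.
STREAM = [
    ("https://www.example.com/docs/index.html", -1),
    ("http://192.0.2.10/login/verify/account.php", +1),
    ("https://news.example.org/articles/2017/security", -1),
    ("http://secure-login.example.com.account-update.invalid/verify.php", +1),
    ("https://www.example.org/about", -1),
    ("http://198.51.100.7/signin/update.php", +1),
    ("https://docs.example.com/guide/install.html", -1),
    ("http://login.example.org.verify-session.invalid/signin.php", +1),
]


def run_stream(stream, max_passes=10):
    """Replay the stream (standing in for a longer feed) until one pass is error-free."""
    model = OnlinePerceptron()
    mistakes_per_pass = []
    for _ in range(max_passes):
        mistakes = sum(1 for url, y in stream
                       if model.learn(extract_features(url), y) != y)
        mistakes_per_pass.append(mistakes)
        if mistakes == 0:
            break
    return model, mistakes_per_pass


def classify(model, url):
    """Label a URL the model has never seen: +1 malicious, -1 benign."""
    return model.predict(extract_features(url))


if __name__ == "__main__":
    model, mistakes = run_stream(STREAM)
    print("mistakes per pass:", mistakes)
    for unseen in ("http://203.0.113.5/verify/login.php",
                   "http://www.example.com.session-check.invalid/signin.php",
                   "https://www.example.com/guide/index.html"):
        print(classify(model, unseen), unseen)
```

None of the three URLs classified at the end appears in the stream, so an exact-match blacklist built from the same data would have no entry for them; the learned weights on the IP-host flag and on host and path tokens are what carry over.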
There is an extensive variety of machine learning algorithms in the literature that can be directly used in the context of malicious URL detection. Due to the potentially tremendous size of the training data, there was a need for scalable algorithms, which is why online learning methods have found great success in this domain.

5. CONCLUSIONS

This paper discussed malicious URL detection and prevention at the browser level using an online learning algorithm, a supervised learning approach used to train on a dataset collected from WHOIS, and studied the heuristic and blacklist approaches; finally, online learning is an effective machine learning algorithm for detecting and preventing malicious URLs. In this paper we prevented one vulnerability, but web applications have multiple vulnerabilities; a future enhancement is to prevent multiple vulnerabilities in a single place using a hybrid framework that integrates features of Naïve Bayes, TF-IDF and an unsupervised learning approach.

REFERENCES

[1] Tran Phuong Thao et al., Classification of Landing and Distribution Domains Using Whois Text Mining, 2017 IEEE DOI /Trustcom/BigDataSE/ICESS
[2] B. Liang, J. Huang, F. Liu, D. Wang, D. Dong, and Z. Liang, "Malicious web pages detection based on abnormal visibility recognition," in E-Business and Information System Security, EBISS 09. International Conference on. IEEE, 2009, pp
[3] S. Sinha, M. Bailey, and F. Jahanian, "Shades of grey: On the effectiveness of reputation-based 'blacklists'," in Malicious and Unwanted Software, MALWARE rd International Conference on. IEEE, 2008, pp
[4] S. Garera, N. Provos, M. Chew, and A. D. Rubin, "A framework for detection and measurement of phishing attacks," in Proceedings of the 2007 ACM workshop on Recurring malcode. ACM, 2007, pp
[5] S. Chhabra, A. Aggarwal, F. Benevenuto, and P. Kumaraguru, "Phi.sh/$ social: the phishing landscape through short URLs," in Proceedings of the 8th Annual Collaboration, Electronic messaging, Anti-Abuse and Spam Conference. ACM, 2011, pp
[6] Y. Alshboul, R. Nepali, and Y. Wang, "Detecting malicious short URLs on Twitter,"
[7] C. Seifert, I. Welch, and P. Komisarczuk, "Identification of malicious web pages with static heuristics," in Telecommunication Networks and Applications Conference, ATNAC Australasian. IEEE, 2008, pp
[8] J. Ma, L. K. Saul, S. Savage, and G. M. Voelker, "Beyond blacklists: learning to detect malicious websites from suspicious URLs," in Proceedings of the 15th ACM SIGKDD international conference on Knowledge discovery and data mining. ACM, 2009, pp
[9] Karthik. V, Mohan Kumar S and Karthikayini, "A Novel Survey on Location Based Node Detection and Identifying the Malicious Activity of Nodes in Sensor Networks," International Journal of Computer Engineering & Technology 8(2), 2017, pp
[10] V. Jaiganesh and Dr. P. Sumathi, "An Efficient Intrusion Detection Using Relevance Vector Machine," International Journal of Computer Engineering & Technology (IJCET), Volume 4, Issue 1, January-February (2013), pp
[11] D. Rajalakshmi and Dr. K. Meena, "A Survey of Intrusion Detection with Higher Malicious Misbehavior Detection in MANET," International Journal of Civil Engineering and Technology, 8(10), 2017, pp
[12] Nisma Mobinunnisa and V. Sesha Bhargavi, "Detection of Multiple Malicious Nodes in MANETS in a Single Query," International Journal of Computer Engineering & Technology, 8(6), 2017, pp
More informationMining Web to Detect Phishing URLs
Mining Web to Detect Phishing URLs Ram B. Basnet Sage Technology Partners, Inc. Albuquerque, NM, USA rbasnet@sagetpi.com Andrew H. Sung Computer Science and Engineering, New Mexico Tech ICASA Socorro,
More informationMaximum Security with Minimum Impact : Going Beyond Next Gen
SESSION ID: SP03-W10 Maximum Security with Minimum Impact : Going Beyond Next Gen Wendy Moore Director, User Protection Trend Micro @WMBOTT Hyper-competitive Cloud Rapid adoption Social Global Mobile IoT
More informationEFFICIENT ALGORITHM FOR MINING ON BIO MEDICAL DATA FOR RANKING THE WEB PAGES
International Journal of Mechanical Engineering and Technology (IJMET) Volume 8, Issue 8, August 2017, pp. 1424 1429, Article ID: IJMET_08_08_147 Available online at http://www.iaeme.com/ijmet/issues.asp?jtype=ijmet&vtype=8&itype=8
More informationSecurity+ Guide to Network Security Fundamentals, Third Edition. Chapter 3 Protecting Systems
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 3 Protecting Systems Objectives Explain how to harden operating systems List ways to prevent attacks through a Web browser Define
More informationAnalyzing Dshield Logs Using Fully Automatic Cross-Associations
Analyzing Dshield Logs Using Fully Automatic Cross-Associations Anh Le 1 1 Donald Bren School of Information and Computer Sciences University of California, Irvine Irvine, CA, 92697, USA anh.le@uci.edu
More informationTHE ACCENTURE CYBER DEFENSE SOLUTION
THE ACCENTURE CYBER DEFENSE SOLUTION A MANAGED SERVICE FOR CYBER DEFENSE FROM ACCENTURE AND SPLUNK. YOUR CURRENT APPROACHES TO CYBER DEFENSE COULD BE PUTTING YOU AT RISK Cyber-attacks are increasingly
More informationHOCS: HOST OSCOMMUNICATION SERVICE LAYER
International Journal of Civil Engineering and Technology (IJCIET) Volume 8, Issue 11, November 2017, pp. 35 41, Article ID: IJCIET_08_11_004 Available online at http://http://www.iaeme.com/ijciet/issues.asp?jtype=ijciet&vtype=8&itype=11
More informationBase64 The Security Killer
Base64 The Security Killer Kevin Fiscus NWN Corporation Session ID: DAS-203 Session Classification: Intermediate A Short (Made Up) Security Story Helix Pharmaceuticals is concerned about security Industrial
More informationFREE ONLINE WEBSITE MALWARE SCANNER WEBSITE SECURITY
PDF 11 AWESOME TOOLS FOR WEBSITE MALWARE SCANNING FREE ONLINE WEBSITE SECURITY 1 / 5 2 / 5 3 / 5 website malware scanner pdf Qualys Malware Detection helps you to scan continuously for malware against
More informationCIS 4360 Secure Computer Systems XSS
CIS 4360 Secure Computer Systems XSS Professor Qiang Zeng Spring 2017 Some slides are adapted from the web pages by Kallin and Valbuena Previous Class Two important criteria to evaluate an Intrusion Detection
More informationAslam Khan 1, Rahul Sharma 2
A Survey Paper on Detection of Phishing Website by URL Technique Aslam Khan 1, Rahul Sharma 2 1 R.K.D.F School of Engineering, Indore (M.P) India, aslamkhanashu@gmail.com 2 R.K.D.F School of Engineering,
More informationDiscount Kaspersky PURE 3.0 internet download software for windows 8 ]
Discount Kaspersky PURE 3.0 internet download software for windows 8 ] Description: Extended benefits Award-winning protection against all types of Internet threats Online shopping, banking and social
More informationImperva Incapsula Website Security
Imperva Incapsula Website Security DA T A SH E E T Application Security from the Cloud Imperva Incapsula cloud-based website security solution features the industry s leading WAF technology, as well as
More informationProactive Protection Against New and Emerging Threats. Solution Brief
Proactive Protection Against New and Emerging Threats Solution Brief Executive Summary With new and variant strains of malware emerging at an unprecedented rate, heuristic malware detection has become
More informationWhite Paper. New Gateway Anti-Malware Technology Sets the Bar for Web Threat Protection
White Paper New Gateway Anti-Malware Technology Sets the Bar for Web Threat Protection The latest version of the flagship McAfee Gateway Anti-Malware technology adapts to new threats and plans for future
More informationQuadratic Route Factor Estimation Technique for Routing Attack Detection in Wireless Adhoc Networks
European Journal of Applied Sciences 8 (1): 55-61, 2016 ISSN 2079-2077 IDOSI Publications, 2016 DOI: 10.5829/idosi.ejas.2016.8.1.22863 Quadratic Route Factor Estimation Technique for Routing Attack Detection
More informationTechnical Brief: Domain Risk Score Proactively uncover threats using DNS and data science
Technical Brief: Domain Risk Score Proactively uncover threats using DNS and data science 310 Million + Current Domain Names 11 Billion+ Historical Domain Profiles 5 Million+ New Domain Profiles Daily
More informationReduce Your Network's Attack Surface
WHITE PAPER Reduce Your Network's Attack Surface Ixia's ThreatARMOR Frees Up Security Resources and Personnel The Threat Landscape When you re dealing with network security, one of the primary measurements
More informationCSCE 813 Internet Security Case Study II: XSS
CSCE 813 Internet Security Case Study II: XSS Professor Lisa Luo Fall 2017 Outline Cross-site Scripting (XSS) Attacks Prevention 2 What is XSS? Cross-site scripting (XSS) is a code injection attack that
More informationFighting the. Botnet Ecosystem. Renaud BIDOU. Page 1
Fighting the Botnet Ecosystem Renaud BIDOU Page 1 Bots, bots, bots Page 2 Botnet classification Internal Structure Command model Propagation mechanism 1. Monolithic Coherent, all features in one binary
More informationPreprocessing of Stream Data using Attribute Selection based on Survival of the Fittest
Preprocessing of Stream Data using Attribute Selection based on Survival of the Fittest Bhakti V. Gavali 1, Prof. Vivekanand Reddy 2 1 Department of Computer Science and Engineering, Visvesvaraya Technological
More informationA New Logging-based IP Traceback Approach using Data Mining Techniques
using Data Mining Techniques Internet & Multimedia Engineering, Konkuk University, Seoul, Republic of Korea hsriverv@gmail.com, kimsr@konuk.ac.kr Abstract IP Traceback is a way to search for sources of
More informationA SYSTEM FOR DETECTION AND PRVENTION OF PATH BASED DENIAL OF SERVICE ATTACK
A SYSTEM FOR DETECTION AND PRVENTION OF PATH BASED DENIAL OF SERVICE ATTACK P.Priya 1, S.Tamilvanan 2 1 M.E-Computer Science and Engineering Student, Bharathidasan Engineering College, Nattrampalli. 2
More informationSupervised Web Forum Crawling
Supervised Web Forum Crawling 1 Priyanka S. Bandagale, 2 Dr. Lata Ragha 1 Student, 2 Professor and HOD 1 Computer Department, 1 Terna college of Engineering, Navi Mumbai, India Abstract - In this paper,
More informationHUAWEI TECHNOLOGIES CO., LTD. Huawei FireHunter6000 series
HUAWEI TECHNOLOGIES CO., LTD. Huawei 6000 series Huawei 6000 series can detect APT (Advanced Persistent Threat) attacks, which altogether exploit multiple techniques (including zero-day vulnerabilities
More informationX-ARF: A Reporting and Exchange Format for the Data Exchange of Netflow and Honeypot Data
X-ARF: A Reporting and Exchange Format for the Data Exchange of Netflow and Honeypot Data Jan Kohlrausch, Sven Übelacker, GÉANT 3 JRA2 T4: Internal deliverable DFN-CERT Services GmbH Hamburg, Germany Email:
More informationBotnets: major players in the shadows. Author Sébastien GOUTAL Chief Science Officer
Botnets: major players in the shadows Author Sébastien GOUTAL Chief Science Officer Table of contents Introduction... 3 Birth of a botnet... 4 Life of a botnet... 5 Death of a botnet... 8 Introduction
More informationKaspersky Security Network
The Kaspersky Security Network (KSN) is a complex distributed infrastructure dedicated to intelligently processing cybersecurity-related data streams from millions of voluntary participants around the
More informationHigh Ppeed Circuit Techniques for Network Intrusion Detection Systems (NIDS)
The University of Akron IdeaExchange@UAkron Mechanical Engineering Faculty Research Mechanical Engineering Department 2008 High Ppeed Circuit Techniques for Network Intrusion Detection Systems (NIDS) Ajay
More informationMachine Learning in Digital Security
Machine Learning in Digital Security White Paper www.seqrite.com Table of Contents 1. Introduction 2. Introduction to Machine Learning 3. Machine Learning usage in Security Industry 4. Clustering Samples
More informationCYBER ANALYTICS. Architecture Overview. Technical Brief. May 2016 novetta.com 2016, Novetta
CYBER ANALYTICS Architecture Overview Technical Brief May 2016 novetta.com 2016, Novetta Novetta Cyber Analytics: Technical Architecture Overview 1 INTRODUCTION 2 CAPTURE AND PROCESS ALL NETWORK TRAFFIC
More informationNaming in Distributed Systems
Naming in Distributed Systems Dr. Yong Guan Department of Electrical and Computer Engineering & Information Assurance Center Iowa State University Outline for Today s Talk Overview: Names, Identifiers,
More informationP2_L12 Web Security Page 1
P2_L12 Web Security Page 1 Reference: Computer Security by Stallings and Brown, Chapter (not specified) The web is an extension of our computing environment, because most of our daily tasks involve interaction
More informationStreaming Prevention in Cb Defense. Stop malware and non-malware attacks that bypass machine-learning AV and traditional AV
Streaming Prevention in Cb Defense Stop malware and non-malware attacks that bypass machine-learning AV and traditional AV 2 STREAMING PREVENTION IN Cb DEFENSE OVERVIEW Over the past three years, cyberattackers
More informationOverview of Web Mining Techniques and its Application towards Web
Overview of Web Mining Techniques and its Application towards Web *Prof.Pooja Mehta Abstract The World Wide Web (WWW) acts as an interactive and popular way to transfer information. Due to the enormous
More informationAdvanced Threat Defense Certification Testing Report. Symantec Corporation Symantec Advanced Threat Protection
Advanced Threat Defense Certification Testing Report Symantec Advanced Threat Protection ICSA Labs Advanced Threat Defense December 8, 2015 Prepared by ICSA Labs 1000 Bent Creek Blvd., Suite 200 Mechanicsburg,
More informationBenefits of CORDA platform features
Benefits of CORDA platform features Functionalities, main tools and the benefits of using CORDA platform Copernicus service providers (land monitoring and emergency services) require reference data for
More informationAnalysis of Behavior of Parallel Web Browsing: a Case Study
Analysis of Behavior of Parallel Web Browsing: a Case Study Salman S Khan Department of Computer Engineering Rajiv Gandhi Institute of Technology, Mumbai, Maharashtra, India Ayush Khemka Department of
More informationHTTP BASED BOT-NET DETECTION TECHNIQUE USING APRIORI ALGORITHM WITH ACTUAL TIME DURATION
International Journal of Computer Engineering and Applications, Volume XI, Issue III, March 17, www.ijcea.com ISSN 2321-3469 HTTP BASED BOT-NET DETECTION TECHNIQUE USING APRIORI ALGORITHM WITH ACTUAL TIME
More informationIs Browsing Safe? Web Browser Security. Subverting the Browser. Browser Security Model. XSS / Script Injection. 1. XSS / Script Injection
Is Browsing Safe? Web Browser Security Charlie Reis Guest Lecture - CSE 490K - 5/24/2007 Send Spam Search Results Change Address? Install Malware Web Mail Movie Rentals 2 Browser Security Model Pages are
More information