Abstract
The advance growth of cybercrime in recent years especially in high critical networks becomes an urgent issue to the security authorities. They compromised computer system, targeting especially to government sector, ecommerce and banking networks rigorously and made it difficult to detect the perpetrators. Attackers used a powerful technique, by embedding a malicious code in a normal webpage that resulted harder detection. Early detection and act on such threats in a timely manners is vital in order to reduce the losses which have caused billions of dollars every year. Previously, the detection of malicious is done through the use of blacklisting repository. The repository or database was compiled over time through crowd sourcing solution (e.g.: PishTank, Zeus Tracker Blacklist, StopBadWare.. etc.). However, such technique cannot be exhaustive and unable to detect newly generated malicious URL or zero-day exploit. Therefore, this paper aims to provide a comprehensive survey and detailed understanding of malicious code and URL features which have been extracted from the web content and structures of the websites. We studied the characteristic of malicious webpage systematically and syntactically and present the most important features of malicious threats in web pages. Each category will be presented along with different dimensions (features representation, algorithm design, etc.).
Please note that the AISC Editorial assumes that all authors have used the western naming convention, with given names preceding surnames. This determines the structure of the names in the running heads and the author index.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Ahmed, A.A., Li, C.X.: Locating and collecting cybercrime evidences on cloud storage: review. In: 2016 International Conference on Information Science and Security, ICISS 2016 (2017)
Sahoo, D., Liu, C., Hoi, S.C.H.: Malicious URL detection using machine learning: a survey, pp. 1–21 (2017)
Awathe, A.: Malicious web page detection through classification technique : a survey, vol. 8491, pp. 74–79 (2017)
Akiyama, M., Yagi, T., Itoh, M.: Searching structural neighborhood of malicious URLs to improve blacklisting. In: Proceedings of 11th IEEE/IPSJ International Symposium on Applications and Internet, SAINT 2011, pp. 1–10 (2011)
Garera, S., Provos, N., Chew, M., Rubin, A.D.: A framework for detection and measurement of phishing attacks. In: Proceedings of 2007 ACM Workshop on Recurring Malcode - WORM 2007, p. 1 (2007)
Ma, J., Saul, L., Savage, S., Voelker, G.: Identifying suspicious URLs: an application of large-scale online learning. In: Proceedings of the 26th Annual International Conference on Machine Learning, pp. 681–688 (2009)
Ma, J., Saul, L.K., Savage, S., Voelker, G.M.: Beyond blacklists : learning to detect malicious web sites from suspicious URLs. In: World Wide Web Internet Web Information System, pp. 1245–1253 (2009)
Hou, Y.T., Chang, Y., Chen, T., Laih, C.S., Chen, C.M.: Malicious web content detection by machine learning. Expert Syst. Appl. 37(1), 55–60 (2010)
Canali, D., Cova, M., Vigna, G., Kruegel, C.: Prophiler : a fast filter for the large-scale detection of malicious web pages categories and subject descriptors. In: Proceedings of International World Wide Web Conference, pp. 197–206 (2011)
Choi, H., Zhu, B.B., Lee, H.: Detecting malicious web links and identifying their attack types. WebApps 11, 11 (2011)
Eshete, B.: Effective analysis, characterization, and detection of malicious web pages. In: Proceedings of 22nd International Conference on World Wide Web companion, pp. 355–360 (2013)
Kim, B., Im, C., Jung, H.: Suspicious malicious web site detection with strength analysis of a javascript obfuscation. Int. J. Adv. Sci. Technol. 26, 19–32 (2011)
Canfora, G., Visaggio, C.A.: A set of features to detect web security threats. J. Comput. Virol. Hacking Tech. 12(4), 243–261 (2016)
Seshagiri, P., Vazhayil, A., Sriram, P.: AMA: static code analysis of web page for the detection of malicious scripts. Proc. Comput. Sci. 93, 768–773 (2016)
Saquib, S., Ali, R.: Malicious Behavior in Online Social Network
Neeraja, M., Prakash, J.: Detecting Malicious Posts in Social Networks Using Text Analysis, vol. 5, no. 6, pp. 2015–2017 (2016)
Eshete, B.: Security and Privacy in Communication Networks, vol. 106, p. 2015 (2013)
Fraiwan, M., Al-Salman, R., Khasawneh, N., Conrad, S.: Analysis and identification of malicious javascript code. Inf. Secur. J. 21(1), 1–11 (2012)
Xu, S., Bylander, T., Maynard, H.B., Sandhu, R., Xu, M.: Detecting and characterizing malicious websites (2014)
Bielova, N.: Survey on JavaScript security policies and their enforcement mechanisms in a web browser. J. Log. Algebr. Program. 82(8), 243–262 (2013)
Acknowledgement
This study was fully funded by the Ministry of Higher Education in Malaysia (RDU 160106).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Manan, W.N.W., Ahmed, A.G.A., Kahar, M.N.M. (2019). Characterizing Current Features of Malicious Threats on Websites. In: Vasant, P., Zelinka, I., Weber, GW. (eds) Intelligent Computing & Optimization. ICO 2018. Advances in Intelligent Systems and Computing, vol 866. Springer, Cham. https://doi.org/10.1007/978-3-030-00979-3_21
Download citation
DOI: https://doi.org/10.1007/978-3-030-00979-3_21
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-00978-6
Online ISBN: 978-3-030-00979-3
eBook Packages: EngineeringEngineering (R0)