Malicious Website Detection: Effectiveness and Efficiency Issues

• Published in: 2011 First SysSec Workshop pp. 123 - 126
• Main Authors: Eshete, B., Villafiorita, A., Weldemariam, K.
• Format: Conference Proceeding
• Language: English
• Published: IEEE 01.07.2011
• Subjects: Browsers; Detection; Effectiveness; Efficiency; Feature extraction; Machine learning; Malicious Websites; Payloads; Security; Training; Web pages
• ISBN: 9781457715280; 1457715287
• DOI: 10.1109/SysSec.2011.9

Malicious websites, when visited by an unsuspecting victim infect her machine to steal invaluable information, redirect her to malicious targets or compromise her system to mount future attacks. While the existing approaches have promising prospects in detecting malicious websites, there are still open issues in effectively and efficiently addressing: filtering of web pages from the wild, coverage of wide range of malicious characteristics to capture the big picture, continuous evolution of web page features, systematic combination of features, semantic implications of feature values on characterizing web pages, ease and cost of flexibility and scalability of analysis and detection techniques with respect to inevitable changes to the threat landscape. In this position paper, we highlight our ongoing efforts towards effective and efficient analysis and detection of malicious websites with a particular emphasis on broader feature space and attack-payloads, flexibility of techniques with changes in malicious characteristics and web pages and above all real-life usability of techniques in defending users against malicious websites.