Preprints‎ > ‎

A set of features to detect web security threats by Gerardo Canfora & Corrado Aaron Visaggio

pubblicato 19 feb 2016, 10:59 da Gerardo Canfora   [ aggiornato in data 16 mar 2017, 01:14 ]
The increasing growth of malicious websites and systems for distributing malware through websites is making it urgent the adoption of effective techniques for timely detection of web security threats. Current mechanisms may exhibit some limitations, mainly concerning the amount of resources required, and a low true positives rate for zero- day attacks. With this paper, we propose and validate a set of features extracted from the content and the structure of webpages, which could be used as indicators of web security threats. The features are used for building a predictor, based on five machine learning algorithms, which is applied to classify unknown web applications. The experimentation demonstrated that the proposed set of features is able to correctly classify malicious web sites with a high level of precision, corresponding to 0.84 in the best case, and recall corresponding to 0.89 in the best case. The classifiers reveal to be successful also with zero day attacks.
Journal of Computer Virology and Hacking Techniques - 12(4): 243-261 (2016)
The final publication is available at link.springer.com - http://link.springer.com/article/10.1007/s11416-016-0266-2 
Comments