AutoBLG: Automatic URL blacklist generator using search space expansion and filters

Bo Sun, Mitsuaki Akiyama, Takeshi Yagi, Mitsuhiro Hatada, Tatsuya Mori

Research output: Chapter in Book/Report/Conference proceedingConference contribution

4 Citations (Scopus)

Abstract

Modern web users are exposed to a browser security threat called drive-by-download attacks that occur by simply visiting a malicious Uniform Resource Locator (URL) that embeds code to exploit web browser vulnerabilities. Many web users tend to click such URLs without considering the underlying threats. URL blacklists are an effective countermeasure to such browser-Targeted attacks. URLs are frequently updated; therefore, collecting fresh malicious URLs is essential to ensure the effectiveness of a URL blacklist. We propose a framework called automatic blacklist generator (AutoBLG) that automatically identifies new malicious URLs using a given existing URL blacklist. The key idea of AutoBLG is expanding the search space of web pages while reducing the amount of URLs to be analyzed by applying several pre-filters to accelerate the process of generating blacklists. Auto-BLG comprises three primary primitives: URL expansion, URL filtration, and URL verification. Through extensive analysis using a high-performance web client honeypot, we demonstrate that AutoBLG can successfully extract new and previously unknown drive-by-download URLs.

Original languageEnglish
Title of host publication20th IEEE Symposium on Computers and Communication, ISCC 2015
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages625-631
Number of pages7
ISBN (Electronic)9781467371940
DOIs
Publication statusPublished - 2016 Feb 11
Event20th IEEE Symposium on Computers and Communication, ISCC 2015 - Larnaca, Cyprus
Duration: 2015 Jul 62015 Jul 9

Publication series

NameProceedings - IEEE Symposium on Computers and Communications
Volume2016-February
ISSN (Print)1530-1346

Other

Other20th IEEE Symposium on Computers and Communication, ISCC 2015
CountryCyprus
CityLarnaca
Period15/7/615/7/9

Keywords

  • Computers
  • Crawlers
  • Databases
  • Feature extraction
  • IP networks
  • Search engines
  • Uniform resource locators

ASJC Scopus subject areas

  • Software
  • Signal Processing
  • Mathematics(all)
  • Computer Science Applications
  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'AutoBLG: Automatic URL blacklist generator using search space expansion and filters'. Together they form a unique fingerprint.

Cite this