@inproceedings{cc7890519b284431bc0f75dd69892428,
title = "AutoBLG: Automatic URL blacklist generator using search space expansion and filters",
abstract = "Modern web users are exposed to a browser security threat called drive-by-download attacks that occur by simply visiting a malicious Uniform Resource Locator (URL) that embeds code to exploit web browser vulnerabilities. Many web users tend to click such URLs without considering the underlying threats. URL blacklists are an effective countermeasure to such browser-Targeted attacks. URLs are frequently updated; therefore, collecting fresh malicious URLs is essential to ensure the effectiveness of a URL blacklist. We propose a framework called automatic blacklist generator (AutoBLG) that automatically identifies new malicious URLs using a given existing URL blacklist. The key idea of AutoBLG is expanding the search space of web pages while reducing the amount of URLs to be analyzed by applying several pre-filters to accelerate the process of generating blacklists. Auto-BLG comprises three primary primitives: URL expansion, URL filtration, and URL verification. Through extensive analysis using a high-performance web client honeypot, we demonstrate that AutoBLG can successfully extract new and previously unknown drive-by-download URLs.",
keywords = "Computers, Crawlers, Databases, Feature extraction, IP networks, Search engines, Uniform resource locators",
author = "Bo Sun and Mitsuaki Akiyama and Takeshi Yagi and Mitsuhiro Hatada and Tatsuya Mori",
year = "2016",
month = feb,
day = "11",
doi = "10.1109/ISCC.2015.7405584",
language = "English",
series = "Proceedings - IEEE Symposium on Computers and Communications",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "625--631",
booktitle = "20th IEEE Symposium on Computers and Communication, ISCC 2015",
note = "20th IEEE Symposium on Computers and Communication, ISCC 2015 ; Conference date: 06-07-2015 Through 09-07-2015",
}