Abstract
Malicious web pages are an increasing threat to current computer systems in recent years. Traditional anti-virus techniques focus typically on detection of the static signatures of Malware and are ineffective against these new threats because they cannot deal with zero-day attacks. In this paper, a novel classification method for detecting malicious web pages is presented. This method is generalization and specialization of attack pattern based on inductive learning, which can be used for updating and expanding knowledge database. The attack pattern is established from an example and generalized by inductive learning, which can be used to detect unknown attacks whose behavior is similar to the example.
This project is supported by the National Natural Science Foundations of China (No.60703082 and No.60672102).
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Seifert, C., Komisarczuk, P., Welch, I.: Application of divide-andconquer algorithm paradigm to improve the detection speed of high interaction client honeypots. In: 23rd Annual ACM Symposium on Applied Computing. ACM, Ceara (2008)
Anagnostakis, K.G., Sidiroglou, S., Akritidis, P., Xinidis, K., Markatos, E., Keromytis, A.D.: Detecting Targeted Attacks Using Shadow Honeypots (August 2005)
David, S.A., Fleizach, C., Savage, S., Voelker, G.M.: Spamscatter: Characterizing Internet Scam Hosting Infrastructure. In: Proceedings of the USENIX Security Symposium (August 2007)
Barford, P., Yagneswaran, V.: An Inside Look at Botnets. Advances in Information Security. Springer, Heidelberg (2007)
Bem, J., Harik, G., Levenberg, J., Shazeer, N., Tong, S.: Large scale machine learning and methods. US Patent: 7222127
Peishun, L., Dake, H.: Worm detection using CPN. In: 2004 IEEE International Conference on Systems, Man & Cybernetics, October 2004, pp. 4941–4946 (2004)
Kienzle, D.M., Elder, M.C.: Recent worms: a survey and trends. In: Proceedings of the 2003 ACM Workshop on Rapid Malcode, October 27, pp. 1–10. ACM Press, New York (2003)
Chen, S., Tang, Y.: Slowing Down InternetWorms. In: Proceedings of IEEE International Conference on Distributed Computing Systems, ICDCS (2004)
Christodorescu, M., Jha, S., Seshia, S.A., Song, D., Bryant, R.E.: Semantics-aware malware detection. In: Proc. IEEE Symposium on Security and Privacy, pp. 32–46 (2005)
Kruegel, C., Robertson, W., Vigna, G.: Detecting kernel-level rootkits through binary analysis. In: Proc. 20th Annual Computer Security Applications Conference (ACSAC 2004), pp. 91–100 (2004)
Kinder, J., Katzenbeisser, S., Schallhart, C., Veith, H.: Detecting malicious code by model checking. In: Julisch, K., Krügel, C. (eds.) DIMVA 2005. LNCS, vol. 3548, pp. 174–187. Springer, Heidelberg (2005)
Provos, N., Mavrommatis, P., Rajab, M.A., Monrose, F.: All Your iFRAMEs Point to Us, Google Technical Report provos (2008a)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Liu, P., Wang, X. (2009). Identification of Malicious Web Pages by Inductive Learning. In: Liu, W., Luo, X., Wang, F.L., Lei, J. (eds) Web Information Systems and Mining. WISM 2009. Lecture Notes in Computer Science, vol 5854. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-05250-7_47
Download citation
DOI: https://doi.org/10.1007/978-3-642-05250-7_47
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-05249-1
Online ISBN: 978-3-642-05250-7
eBook Packages: Computer ScienceComputer Science (R0)