research-article

Detection Method of Malicious Mirroring Site in Mass Network Traffic

Author:

Haolai CheAuthors Info & Claims

ICITEE '20: Proceedings of the 3rd International Conference on Information Technologies and Electrical Engineering

Pages 654 - 658

https://doi.org/10.1145/3452940.3453068

Published: 17 May 2021 Publication History

Get Access

Abstract

This paper proposes a method for detecting malicious mirrored websites under large-scale network traffic. This method passively extracts webpage source code from network traffic and actively obtains webpage snapshots through a combination of active and passive methods, extracts corresponding features for similarity comparison, and detects malicious Mirror web pages. The experiment used 1447 malicious webpages as benchmark webpages. In a large-scale network flow environment, 49 phishing webpages, 13 gambling webpages, 23 obscene and pornographic webpages, and 8 illegal webpages were detected. The accuracy rate of the algorithm is 93.94%, the recall rate is 92.08%, and the F value is 0.93, which verifies that the malicious mirror webpage detection algorithm proposed in this paper is practical and effective.

References

[1]

China Internet Information Center (CNNIC) 41st Statistical Report on Internet Development in China. http://www.cnnic.net.cn/hlwfzyj/hlwxzbg/hlwtjbg/201803/t20180305_70249.htm

Google Scholar

[2]

JIANKUN YU. Duplicate text detection based on LCS algorithm[A]. Proceedings of 2nd Information Technology and Mechatronics Engineering Conference (ITOEC 2016), 2016:5.

Google Scholar

[3]

Rob Koeling. Chunking with Maximum Entropy Models[C]. Proceedings of CoNLL-2000 and LLL-2000. Lisbon, Portugal, 2000, 139--141.

Google Scholar

[4]

Brin S, Davis J, Garcia-Molina H. Copy detection mechanisms for digital documents[C]. Proceedings of the ACM SIGMOD Annual Conference. 1995:398--409.

Google Scholar

[5]

Chu P M, Chang C Y, Lee S J. Copy detection for digital documents[C]. International Congress on Image and Signal Processing, Biomedical Engineering and Informatics. IEEE, 2018:1--5.

Google Scholar

[6]

Dwivedi J, Tiwary, A. Plagiarism detection on bigdata using modified map-reduced based SCAM algorithm[C]. IEEE International Conference on Innovative Mechanisms for Industry Applications, 2017. (3): 608--610.

Crossref

Google Scholar

[7]

Pattern recognition and image preprocessing[M]. CRC Press, 2002.

Google Scholar

[8]

Lowe D G. Distinctive image features from scale-invariant keypoints[J]. International journal of computer vision, 2004, 60(2):91--110.

Digital Library

Google Scholar

[9]

Brown, M. and Lowe, D. G. Invariant features from interest point groups[C]. British Machine Vision Conference, BMVC 2002, Cardiff, Wales: British Machine Vision Association, 2002, 656--665.

Crossref

Google Scholar

[10]

Mikolajczyk K, Schmid C. A performance evaluation of local descriptors[J]. IEEE Trans. on PAMI, 2005, 27(10):1615--1630.

Digital Library

Google Scholar

Cited By

View all

Xia WHe XWang WLi ZZhang JXiong G(2021)Old Wine in A New Bottle: A Homogeneous Fraud Sites Discovery Framework2021 7th International Conference on Computer and Communications (ICCC)10.1109/ICCC54389.2021.9674211(2239-2243)Online publication date: 10-Dec-2021
https://doi.org/10.1109/ICCC54389.2021.9674211

Index Terms

Detection Method of Malicious Mirroring Site in Mass Network Traffic

Index terms have been assigned to the content through auto-classification.

Recommendations

A Method of Malicious Bot Traffic Detection
Cyberspace Safety and Security
Abstract
The traditional malicious bot traffic detection technology is usually based on rule matching or statistical analysis, which is not flexible enough and has low detection accuracy. This article systematically analyzes the formation and ...
Malicious web content detection by machine learning

The recent development of the dynamic HTML gives attackers a new and powerful technique to compromise computer systems. A malicious dynamic HTML code is usually embedded in a normal webpage. The malicious webpage infects the victim when a user browses ...
Malicious SSL Certificate Detection: A Step Towards Advanced Persistent Threat Defence
ICFNDS '17: Proceedings of the International Conference on Future Networks and Distributed Systems

Advanced Persistent Threat (APT) is one of the most serious types of cyber attacks, which is a new and more complex version of multistep attack. Within the APT life cycle, continuous communication between infected hosts and Command and Control (C&C) ...

Comments

Information & Contributors

Information

Published In

ICITEE '20: Proceedings of the 3rd International Conference on Information Technologies and Electrical Engineering

December 2020

687 pages

ISBN:9781450388665

DOI:10.1145/3452940

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 17 May 2021

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Conference

ICITEE2020

ICITEE2020: The 3rd International Conference on Information Technologies and Electrical Engineering

December 3 - 5, 2020

Hunan, Changde City, China

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

1
Total Citations
View Citations
52
Total Downloads

Downloads (Last 12 months)9
Downloads (Last 6 weeks)0

Reflects downloads up to 28 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Xia WHe XWang WLi ZZhang JXiong G(2021)Old Wine in A New Bottle: A Homogeneous Fraud Sites Discovery Framework2021 7th International Conference on Computer and Communications (ICCC)10.1109/ICCC54389.2021.9674211(2239-2243)Online publication date: 10-Dec-2021
https://doi.org/10.1109/ICCC54389.2021.9674211

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

HTML Format

View this article in HTML Format.

HTML Format

Abstract

References

Cited By

Index Terms

Recommendations

A Method of Malicious Bot Traffic Detection

Malicious web content detection by machine learning

Malicious SSL Certificate Detection: A Step Towards Advanced Persistent Threat Defence

Comments

Information

Published In

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

HTML Format

Share

Share this Publication link

Share on social media

Affiliations