Welcome to the InfoSci Platform
Reference Hub11
Detection of Drive-by Download Attacks Using Machine Learning Approach

Detection of Drive-by Download Attacks Using Machine Learning Approach

Monther Aldwairi, Musaab Hasan, Zayed Balbahaith
Copyright: © 2017 |Volume: 11 |Issue: 4 |Pages: 13
ISSN: 1930-1650|EISSN: 1930-1669|EISBN13: 9781522511762|DOI: 10.4018/IJISP.2017100102
Cite Article Cite Article

MLA

Aldwairi, Monther, et al. "Detection of Drive-by Download Attacks Using Machine Learning Approach." IJISP vol.11, no.4 2017: pp.16-28. http://doi.org/10.4018/IJISP.2017100102

APA

Aldwairi, M., Hasan, M., & Balbahaith, Z. (2017). Detection of Drive-by Download Attacks Using Machine Learning Approach. International Journal of Information Security and Privacy (IJISP), 11(4), 16-28. http://doi.org/10.4018/IJISP.2017100102

Chicago

Aldwairi, Monther, Musaab Hasan, and Zayed Balbahaith. "Detection of Drive-by Download Attacks Using Machine Learning Approach," International Journal of Information Security and Privacy (IJISP) 11, no.4: 16-28. http://doi.org/10.4018/IJISP.2017100102

Export Reference

Mendeley
Favorite Full-Issue Download

Abstract

Drive-by download refers to attacks that automatically download malwares to user's computer without his knowledge or consent. This type of attack is accomplished by exploiting web browsers and plugins vulnerabilities. The damage may include data leakage leading to financial loss. Traditional antivirus and intrusion detection systems are not efficient against such attacks. Researchers proposed plenty of detection approaches mostly passive blacklisting. However, a few proposed dynamic classification techniques, which suffer from clear shortcomings. In this paper, we propose a novel approach to detect drive-by download infected web pages based on extracted features from their source code. We test 23 different machine learning classifiers using data set of 5435 webpages and based on the detection accuracy we selected the top five to build our detection model. The approach is expected to serve as a base for implementing and developing anti drive-by download programs. We develop a graphical user interface program to allow the end user to examine the URL before visiting the website. The Bagged Trees classifier exhibited the highest accuracy of 90.1% and reported 96.24% true positive and 26.07% false positive rate.

Request Access

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.