The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.04 - July-Aug. (2013 vol.15)
pp: 50-56
Mitsuaki Akiyama , NTT Secure Platform Laboratories, Japan
Takeshi Yagi , NTT Secure Platform Laboratories, Japan
Takeo Hariu , NTT Secure Platform Laboratories, Japan
ABSTRACT
Filtering based on blacklists is a major countermeasure against malicious websites. However, blacklists must be updated because malicious URLs tend to be short-lived, and they can be partially mutated to avoid blacklisting. Due to these characteristics, it can be assumed that unknown malicious URLs exist in the neighborhood of known malicious URLs created by the same adversary. The authors propose an effective blacklist URL generation method that discovers URLs in the neighborhood of a malicious URL by using a search engine. This article is part of a special issue on security.
INDEX TERMS
Search engines, Malware, Browsers, Authentication, Indexes, Filtering, Internet, Computer security, security, blacklist, drive-by-download, web-based malware, information technology
CITATION
Mitsuaki Akiyama, Takeshi Yagi, Takeo Hariu, "Improved Blacklisting: Inspecting the Structural Neighborhood of Malicious URLs", IT Professional, vol.15, no. 4, pp. 50-56, July-Aug. 2013, doi:10.1109/MITP.2012.118
REFERENCES
1. M. Akiyama et al., “Design and Implementation of High Interaction Client Honeypot for Drive-by-Download Attacks,” IEICE Trans. Comm., vol. E93-B, 2010 pp. 1131-1139.
26 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool