This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Improved Blacklisting: Inspecting the Structural Neighborhood of Malicious URLs
July-Aug. 2013 (vol. 15 no. 4)
pp. 50-56
Mitsuaki Akiyama, NTT Secure Platform Laboratories, Japan
Takeshi Yagi, NTT Secure Platform Laboratories, Japan
Takeo Hariu, NTT Secure Platform Laboratories, Japan
Filtering based on blacklists is a major countermeasure against malicious websites. However, blacklists must be updated because malicious URLs tend to be short-lived, and they can be partially mutated to avoid blacklisting. Due to these characteristics, it can be assumed that unknown malicious URLs exist in the neighborhood of known malicious URLs created by the same adversary. The authors propose an effective blacklist URL generation method that discovers URLs in the neighborhood of a malicious URL by using a search engine. This article is part of a special issue on security.
Index Terms:
Search engines,Malware,Browsers,Authentication,Indexes,Filtering,Internet,Computer security,security,blacklist,drive-by-download,web-based malware,information technology
Citation:
Mitsuaki Akiyama, Takeshi Yagi, Takeo Hariu, "Improved Blacklisting: Inspecting the Structural Neighborhood of Malicious URLs," IT Professional, vol. 15, no. 4, pp. 50-56, July-Aug. 2013, doi:10.1109/MITP.2012.118
Usage of this product signifies your acceptance of the Terms of Use.