Issue No.04 - July-Aug. (2013 vol.15)
Mitsuaki Akiyama , NTT Secure Platform Laboratories, Japan
Takeshi Yagi , NTT Secure Platform Laboratories, Japan
Takeo Hariu , NTT Secure Platform Laboratories, Japan
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MITP.2012.118
Filtering based on blacklists is a major countermeasure against malicious websites. However, blacklists must be updated because malicious URLs tend to be short-lived, and they can be partially mutated to avoid blacklisting. Due to these characteristics, it can be assumed that unknown malicious URLs exist in the neighborhood of known malicious URLs created by the same adversary. The authors propose an effective blacklist URL generation method that discovers URLs in the neighborhood of a malicious URL by using a search engine. This article is part of a special issue on security.
Search engines, Malware, Browsers, Authentication, Indexes, Filtering, Internet, Computer security, security, blacklist, drive-by-download, web-based malware, information technology
Mitsuaki Akiyama, Takeshi Yagi, Takeo Hariu, "Improved Blacklisting: Inspecting the Structural Neighborhood of Malicious URLs", IT Professional, vol.15, no. 4, pp. 50-56, July-Aug. 2013, doi:10.1109/MITP.2012.118