Detection of Forwarding-Based Malicious URLs in Online Social Networks

Cao, Jian; Li, Qiang; Ji, Yuede; He, Yukun; Guo, Dong

doi:10.1007/s10766-014-0330-9

Cited by 46 publications

(32 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In the Appendix, we give tables with bibliographic numbers of the papers, so that interested readers can easily find the original sources for each entry in our tables in the main part of the paper. Accuracy 28 [21], [29], [30], [34]- [36], [42], [63], [64], [69], [80] [33], [44], [53], [55], [56], [66], [79], [86], [89] [22], [48], [50]- [52], [77], [81], […”

Section: Appendixmentioning

confidence: 99%

“…Recall F-score 20 [30], [33]- [35], [47], [58]- [60], [69], [86] [22], [29], [50]- [52], [62]- [64], [70], [89] Error Rate 13 [21], [28], [34], [39], [40], [43], [49] [38], [65], [67], [73], [85], [89] Confusion Matrix a 20 [35], [43]- [46], [48], [57], [69], [76], [80], [82] [29], [50], [51], [58], [66], [78], [79], [88], [89] Area Under Curve 4 [33], [35], [50], [51] Others b 6 [42], [57],…”

Section: ] Precisionmentioning

confidence: 99%

See 1 more Smart Citation

SoK: A Comprehensive Reexamination of Phishing Research From the Security Perspective

Das

Baki

Aassal

et al. 2020

IEEE Commun. Surv. Tutorials

View full text Add to dashboard Cite

Phishing and spear phishing are typical examples of masquerade attacks since trust is built up through impersonation for the attack to succeed. Given the prevalence of these attacks, considerable research has been conducted on these problems along multiple dimensions. We reexamine the existing research on phishing and spear phishing from the perspective of the unique needs of the security domain, which we call security challenges: real-time detection, active attacker, dataset quality and baserate fallacy. We explain these challenges and then survey the existing phishing/spear phishing solutions in their light. This viewpoint consolidates the literature and illuminates several opportunities for improving existing solutions. We organize the existing literature based on detection techniques for different attack vectors (e.g., URLs, websites, emails) along with studies on user awareness. For detection techniques we examine properties of the dataset, feature extraction, detection algorithms used, and performance evaluation metrics. This work can help guide the development of more effective defenses for phishing, spear phishing and email masquerade attacks of the future, as well as provide a framework for a thorough evaluation and comparison.

show abstract

Section: Appendixmentioning

confidence: 99%

Section: ] Precisionmentioning

confidence: 99%

SoK: A Comprehensive Reexamination of Phishing Research From the Security Perspective

Das

Baki

Aassal

et al. 2020

IEEE Commun. Surv. Tutorials

View full text Add to dashboard Cite

show abstract

“…Looking at the dynamic redirection of Web pages has been proposed to detect phishing and spamming webpages in [12,13]. This was extended to using forward and graph based features in [29]. In summary, while excellent results have been achieved by studying the static or dynamic activity of a Web page, the focus has been on detection.…”

Section: Detecting Malicious Content By Analysing the Static Or Dynammentioning

confidence: 99%

Prediction of drive-by download attacks on Twitter

Javed

Burnap

Rana

2019

Information Processing & Management

View full text Add to dashboard Cite

The popularity of Twitter for information discovery, coupled with the automatic shortening of URLs to save space, given the 140 character limit, provides cyber criminals with an opportunity to obfuscate the URL of a malicious Web page within a tweet. Once the URL is obfuscated the cyber criminal can lure a user to click on it with enticing text and images before carrying out a cyber attack using a malicious Web server. This is known as a drive-bydownload. In a drive-by-download a user's computer system is infected while interacting with the malicious endpoint, often without them being made aware the attack has taken place. An attacker can gain control of the system by exploiting unpatched system vulnerabilities and this form of attack currently represents one of the most common methods employed. In this paper we build a machine learning model using machine activity data and tweet meta data to move beyond post-execution classification of such URLs as malicious, to predict a URL will be malicious with 99.2% F-measure (using 10-fold cross validation) and 83.98% (using an unseen test set) at 1 second into the interaction with the URL. Thus providing a basis from which to kill the connection to the server before an attack has completed and proactively blocking and preventing an attack, rather than reacting and repairing at a later date.

show abstract

“…A static code analysis technique was used; to detect the malicious URL, proposed by Prabhu Seshagiria et al [17]. It analyses the domain, iframe and image, to classify the URL.…”

Section: Related Workmentioning

confidence: 99%