Malware Slums: Measurement and Analysis of Malware on Traffic Exchanges

Yousaf, Salman; Iqbal, Umar; Farooqi, Shehroze; Ahmad, Raza; Shafiq, Zubair; Zaffar, Fareed

doi:10.1109/dsn.2016.58

Cited by 4 publications

(2 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Cao et al [24] proposed an approach to distinguish organized and organic users on Twitter and found that URL shortening services were used to launch spam campaigns from strategically organized accounts. In addition to the abuse of URL shortening services on social media, Yousaf et al [25] reported that short URLs are used in the redirection chain generated by traffic exchanges, making it difficult to detect malicious sites. Also, previous studies revealed the users' perspective on security threats of URL shortening services [26], [27], [28].…”

Section: Related Workmentioning

confidence: 99%

Understanding Security Risks of Ad-based URL Shortening Services Caused by Users' Behaviors

Fukushi¹,

Koide

Chiba

et al. 2022

Journal of Information Processing

View full text Add to dashboard Cite

URL shortening services enable us to shorten or simplify URLs. Ad-based URL shortening services display advertisements to users who access short URLs and reward short URL creators. However, ad-based URL shortening services have specific security risks that URL shortening services without ads do not, such as displaying malicious advertisements to users. In this study, we reveal previously unknown security risks of these services caused by users' behaviors. We conducted a comprehensive measurement of ad-based URL shortening services. First, we accessed short URLs of these services, clicked buttons on the web pages, and reached the final destinations of the short URLs. Then, we reveal the security risks posed to users by monitoring and analyzing traffic logs when such short URLs are accessed. We found that all services generated an average of 86.5 web requests to malicious domain names per short URL. We then showed the security risk of unintentionally communicating malicious domain names even when users click only on buttons that correctly move users to their desired destinations. Finally, we discuss countermeasures to mitigate these risks from the perspective of each stakeholder in ad-based URL shortening services.

show abstract

Section: Related Workmentioning

confidence: 99%

Understanding Security Risks of Ad-based URL Shortening Services Caused by Users' Behaviors

Fukushi¹,

Koide

Chiba

et al. 2022

Journal of Information Processing

View full text Add to dashboard Cite

show abstract

“…However, tactics are preferred by adversaries that allow them to attack a huge number of users in several minutes [4]. Most hackers today can effectively escape detection by security protocols [5], such as firewall and intrusion detection system (IDS); invaders have used techniques to spread their exploited code that include utilizing online advertisements of website pages [6], structured query language injection (SQLI), cross-site scripting (XSS) and another web scanner [7].…”

Section: Introductionmentioning

confidence: 99%

Exploring Malware Behavior of Webpages Using Machine Learning Technique: An Empirical Study

Alwaghid

Sarkar

2020

Electronics

View full text Add to dashboard Cite

Malware is one of the most common security threats experienced by a user when browsing webpages. A good understanding of the features of webpages (e.g., internet protocol, port, URL, Google index, and page rank) is required to analyze and mitigate the behavior of malware in webpages. This main objective of this paper is to analyze the key features of webpages and to mitigate the behavior of malware in webpages. To this end, we conducted an empirical study to identify the features that are most vulnerable to malware attacks and its results are reported. To improve the feature selection accuracy, a machine learning technique called bagging is employed using the Weka program. To analyze these behaviors, phishing and botnet data were obtained from the University of California Irvine machine learning repository. We validate our research findings by applying honeypot infrastructure using the Modern Honeypot Network (MHN) setup in a Linode Server. As the data suffer from high variance in terms of the type of data in each row, bagging is chosen because it can classify binary classes, date classes, missing values, nominal classes, numeric classes, unary classes and empty classes. As a base classifier of bagging, random tree was applied because it can handle similar types of data such as bagging, but better than other classifiers because it is faster and more accurate. Random tree had 88.22% test accuracy with the lowest run time (0.2 sec) and a receiver operating characteristic curve of 0.946. Results show that all features in the botnet dataset are equally important to identify the malicious behavior, as all scored more than 97%, with the exception of TCP and UDP. The accuracy of phishing and botnet datasets is more than 89% on average in both cross validation and test analysis. Recommendations are made for the best practice that can assist in future malware identification.

show abstract

Analyzing Security Risks of Ad-Based URL Shortening Services Caused by Users’ Behaviors

Fukushi

Koide

Chiba

et al. 2021

Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

View full text Add to dashboard Cite

Malware Slums: Measurement and Analysis of Malware on Traffic Exchanges

Cited by 4 publications

References 9 publications

Understanding Security Risks of Ad-based URL Shortening Services Caused by Users' Behaviors

Understanding Security Risks of Ad-based URL Shortening Services Caused by Users' Behaviors

Exploring Malware Behavior of Webpages Using Machine Learning Technique: An Empirical Study

Analyzing Security Risks of Ad-Based URL Shortening Services Caused by Users’ Behaviors

Contact Info

Product

Resources

About