DocumentCode :
3664616
Title :
Automated Detection of Drive-By Download Attack
Author :
Hiroaki Kikuchi;Hiroaki Matsumoto;Hiroshi Ishii
Author_Institution :
Dept. of Frontier Media Sci., Meiji Univ., Tokyo, Japan
fYear :
2015
fDate :
7/1/2015 12:00:00 AM
Firstpage :
511
Lastpage :
515
Abstract :
To extract features of drive-by download traffic, we develop a system for visualizing the flow of HTTP traffic. Based on the typical behavior observed in malicious connections, we propose an automated detection system that classifies drive-by downloads using a logical condition on features such as the redirection methods and the object size. Our detection uses decision tree learning with an optimal threshold for the learning data and successfully detects malicious connections with an accuracy of 0.06 false negative and 0 false positive.
Keywords :
"Malware","Decision trees","Browsers","Servers","Feature extraction","Accuracy","Data visualization"
Publisher :
IEEE
Conference_Titel :
Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), 2015 9th International Conference on
Type :
conf
DOI :
10.1109/IMIS.2015.71
Filename :
7285005