Title :
ADAM: Automated detection and attribution of malicious webpages
Author :
Kosba, Ahmed E. ; Mohaisen, Aziz ; West, Andrew G. ; Tonn, Trevor
Abstract :
Malicious webpages are a prevalent and severe threat in the Internet security landscape. This fact has motivated numerous static and dynamic techniques for their accurate and efficient detection. Building on this existing literature, this work introduces ADAM, a system that uses machine-learning over network metadata derived from the sandboxed execution of webpage content. Machine-trained models are not novel in this problem space. Instead, it is the dynamic network artifacts (and their subsequent feature representations) collected during rendering that are the greatest contribution of this work.
Keywords :
Internet; Web sites; learning (artificial intelligence); meta data; program diagnostics; security of data; ADAM; Internet security landscape; automated detection; dynamic techniques; machine-learning; machine-trained models; malicious Web pages; network metadata; sandboxed execution; static techniques; Accuracy; Conferences; Feature extraction; IP networks; Security; Servers; Training;
Conference_Titel :
Communications and Network Security (CNS), 2013 IEEE Conference on
Conference_Location :
National Harbor, MD
DOI :
10.1109/CNS.2013.6682747
