An Evasion and Counter-Evasion Study in Malicious Websites Detection

08/08/2014
by   Li Xu, et al.
0

Malicious websites are a major cyber attack vector, and effective detection of them is an important cyber defense task. The main defense paradigm in this regard is that the defender uses some kind of machine learning algorithms to train a detection model, which is then used to classify websites in question. Unlike other settings, the following issue is inherent to the problem of malicious websites detection: the attacker essentially has access to the same data that the defender uses to train its detection models. This 'symmetry' can be exploited by the attacker, at least in principle, to evade the defender's detection models. In this paper, we present a framework for characterizing the evasion and counter-evasion interactions between the attacker and the defender, where the attacker attempts to evade the defender's detection models by taking advantage of this symmetry. Within this framework, we show that an adaptive attacker can make malicious websites evade powerful detection models, but proactive training can be an effective counter-evasion defense mechanism. The framework is geared toward the popular detection model of decision tree, but can be adapted to accommodate other classifiers.

READ FULL TEXT

page 2

page 3

page 4

page 5

page 6

page 7

page 9

page 21

research
02/25/2021

Data-Driven Characterization and Detection of COVID-19 Themed Malicious Websites

COVID-19 has hit hard on the global community, and organizations are wor...
research
04/10/2021

A Low-Cost Attack against the hCaptcha System

CAPTCHAs are a defense mechanism to prevent malicious bot programs from ...
research
05/22/2019

Deep Reinforcement Learning for Detecting Malicious Websites

Phishing is the simplest form of cybercrime with the objective of baitin...
research
09/13/2022

Detection of Malicious Websites Using Machine Learning Techniques

In detecting malicious websites, a common approach is the use of blackli...
research
01/07/2022

Asymptotic Security using Bayesian Defense Mechanism with Application to Cyber Deception

This paper addresses the question whether model knowledge can guide a de...
research
05/23/2023

Understanding the Country-Level Security of Free Content Websites and their Hosting Infrastructure

This paper examines free content websites (FCWs) and premium content web...
research
08/04/2021

Semi-supervised Conditional GAN for Simultaneous Generation and Detection of Phishing URLs: A Game theoretic Perspective

Spear Phishing is a type of cyber-attack where the attacker sends hyperl...

Please sign up or login with your details

Forgot password? Click here to reset