Home Articles List Article Information
The ISC International Journal of Information Security
Journal Archive
Volume Volume 10 (2018)
Volume Volume 9 (2017)
Volume Volume 8 (2016)
Volume Volume 7 (2015)
Volume Volume 6 (2014)
Volume Volume 5 (2013)
Volume Volume 4 (2012)
Volume Volume 3 (2011)
Volume Volume 2 (2010)
Volume Volume 1 (2009)
Hajian Nezhad, J., Vafaei Jahan, M., Tayarani-N, M., Sadrnezhad, Z. (2017). Analyzing new features of infected web content in detection of malicious web pages. The ISC International Journal of Information Security, 9(2), 63-83. doi: 10.22042/isecure.2017.9.2.2
J. Hajian Nezhad; M. Vafaei Jahan; M. Tayarani-N; Z. Sadrnezhad. "Analyzing new features of infected web content in detection of malicious web pages". The ISC International Journal of Information Security, 9, 2, 2017, 63-83. doi: 10.22042/isecure.2017.9.2.2
Hajian Nezhad, J., Vafaei Jahan, M., Tayarani-N, M., Sadrnezhad, Z. (2017). 'Analyzing new features of infected web content in detection of malicious web pages', The ISC International Journal of Information Security, 9(2), pp. 63-83. doi: 10.22042/isecure.2017.9.2.2
Hajian Nezhad, J., Vafaei Jahan, M., Tayarani-N, M., Sadrnezhad, Z. Analyzing new features of infected web content in detection of malicious web pages. The ISC International Journal of Information Security, 2017; 9(2): 63-83. doi: 10.22042/isecure.2017.9.2.2

Analyzing new features of infected web content in detection of malicious web pages

Article 7, Volume 9, Issue 2, Summer and Autumn 2017, Page 63-83  XML PDF (1677 K)
Document Type: ORIGINAL RESEARCH PAPER
DOI: 10.22042/isecure.2017.9.2.2
Authors
J. Hajian Nezhad; M. Vafaei Jahan* ; M. Tayarani-N; Z. Sadrnezhad
Abstract
Recent improvements in web standards and technologies enable the attackers to hide and obfuscate infectious codes with new methods and thus escaping the security filters. In this paper, we study the application of machine learning techniques in detecting malicious web pages. In order to detect malicious web pages, we propose and analyze a novel set of features including HTML, JavaScript (jQuery library) and XSS attacks. The proposed features are evaluated on a data set that is gathered by a crawler from malicious web domains, IP and address black lists. For the purpose of evaluation, we use a number of machine learning algorithms. Experimental results show that using the proposed set of features, the C4.5-Tree algorithm offers the best performance with 97.61% accuracy, and F1-measure has 96.75% accuracy. We also rank the quality of the features. Experimental results suggest that nine of the proposed features are among the twenty best discriminative features.
Keywords
Malicious web pages; Feature; machine learning; content; Obfuscation; Attacker
Statistics
Article View: 5,986
PDF Download: 10,408