EconPapers    
Economics at your fingertips  
 

Cross-Layer Detection of Malicious Websites

Li Xu, Zhenxin Zhan, Shouhuai Xu, Keying Ye, Keesook Han and Frank Born

Working Papers from College of Business, University of Texas at San Antonio

Abstract: Malicious websites have become a major attack tool of the adversary. There are two main approaches to detect malicious websites: static and dynamic. The static approach is centered on the static analysis of website contents and can scale up to a large number of websites in cyberspace. However, this approach has limited success in dealing with sophisticated attacks that include obfuscation. The dynamic approach is centered on the analysis of website contents via their run-time behaviors, and can cope with these sophisticated attacks. However, this approach is often expensive and cannot scale up to the magnitude of the number of websites in cyberspace. This research aims to achieve the best performance of two malicious website detection approaches simultaneously. In this paper, we propose an analysis of the corresponding network-layer traffic between the browser and the web server by incorporating the static analysis of website contents, which is conducted at the application layer. The insight of this approach is that the network-layer may expose useful information about malicious websites from a different perspective. Evaluation based on the data collected during 37 days shows that certain cross-layer detection methods can be almost as effective as the dynamic approach. Performance experiments show that, when both approaches are deployed as a service, the crosslayer detection approach is about 50 times faster than the dynamic approach.

Keywords: Malicious URL; Cross-layer detection; static analysis; dynamic analysis; hybrid analysis (search for similar items in EconPapers)
Pages: 14 pages
Date: 2013
References: Add references at CitEc
Citations: View citations in EconPapers (2)

Published in Review of Economics, March 1999, pages 1-23

Downloads: (external link)
http://interim.business.utsa.edu/wps/mss/0003MSS-432-2013.pdf Full text (application/pdf)
Our link check indicates that this URL is bad, the error code is: 404 Not Found

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:tsa:wpaper:0150mss

Access Statistics for this paper

More papers in Working Papers from College of Business, University of Texas at San Antonio Contact information at EDIRC.
Bibliographic data for series maintained by Wendy Frost ().

 
Page updated 2024-12-29
Handle: RePEc:tsa:wpaper:0150mss