MalCrawler: A Crawler for Seeking and Crawling Malicious Websites
详细信息 查看全文
- 关键词:Cyber security ; Focused crawling ; Web security ; Drive ; by download attacks ; Malicious web mining
- 刊名:Lecture Notes in Computer Science
- 出版年:2017
- 出版时间:2017
- 年:2017
- 卷:10109
- 期:1
- 页码:210-223
- 丛书名:Distributed Computing and Internet Technology
- ISBN:978-3-319-50472-8
- 卷排序:10109
文摘
Over the years, internet has become the major source of security threat to computer systems. With the number of people browsing internet increasing exponentially in the last couple of years, browser based attacks have become the preferred means of infecting a computer system. These browser based attacks, known as ‘Drive-by Download’ attacks, inject malicious JavaScript from the server hosting the malicious web application to the browser. Since, the numbers of malicious websites launching such attacks have increased in the past few years; it has become critical to detect them. Typically, search for malicious web pages involves three steps- crawling URLs on the internet, using fast analysis filters to reject benign pages, and then running complex but slow detailed analysis (using Honey Clients) on the filtered list. While effective, these techniques consume substantial time and computing resources. This limitation can be overcome by designing a crawler which can seek more malicious sites than benign sites, thus, increasing the “toxicity” of the URLs collected in the first step. In this paper, we propose a focused web crawler, named “MalCrawler”, which has been designed to crawl and search malicious websites efficiently. This crawler, when compared to a generic crawler, will not only seek more malicious sites than benign sites, but will also handle cloaking, entanglement and AJAX content in malicious sites. MalCrawler, designed, developed and tested, as part of the scope of this paper, proved to be more efficient than generic crawlers.