Abstract
Compromised or malicious websites are a serious threat to cyber security. Malicious users prefer to do malicious activities like phishing, spamming, etc., using compromised websites because they can mask their original identities behind these compromised sites. Compromised websites are more difficult to detect than malicious websites because compromised websites work in masquerade mode. This is one of the main reasons for us to take this topic as our research. This paper introduces the related work first and then introduces a framework to detect compromised websites using link structure analysis. One of the most popular link structures based ranking algorithm used by the Google search engine algorithm called PageRank, is implemented in our experiment using the Java language, computation is done before a website is compromised and after a website is compromised and the results are compared. The results show that when a website is compromised, its PageRank can go do down to indicate that this website is compromised.
P. Jelciana—IT Consultant.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
WorldWideWebSize.com: The size of the world wide web (the internet). http://www.worldwidewebsize.com/. Accessed 29 June 2018
Sahoo, D., Liu, C., Hoi, S.C.H.: Malicious URL detection using machine learning: a survey. arXiv:1701.07179v2 [cs.LG] (2017)
Stopbadware.org: Compromised websites an owner’s perspective. https://www.stopbadware.org/files/compromised-websites-an-owners-perspective.pdf. Accessed 14 June 2018
Choi, H., Zhu, B.B., Lee, H.: Detecting malicious web links and identifying their attack types. In: 2nd USENIX Conference on Web Application Development, USA, 15–16 June 2011
Chiba, D., Tobe, K., Mori, T., Goto, S.: Detecting malicious websites by learning IP address features. In: 12th International Symposium on Applications and Internet (IEEE/IPSJ), Turkey, 16–20 July 2012
Justin, M., Lawrence, K.S., Stefan, S., Geoffrey, M.V.: Learning to detect malicious URLs. ACM Trans. Intell. Syst. Technol. (TIST) 30(3), 30:1–30:23 (2011)
Ramesh, G., Krishnamurthi, I., Kumar, K.S.S.: An efficacious method for detecting phishing webpages through target domain identification. Elsevier Decis. Support Syst. 61, 12–22 (2014)
Vanhoenshoven, F., Napoles, G., Falcon, R., Vanhoof, K., Koppen, M.: Detecting malicious URLs using machine learning techniques. In: IEEE Symposium Series on Computational Intelligence (SSCI 2016), Greece, 6–9 December 2016
Wang, Y., Cai, W.D., Wei, P.C.: Deep learning approach for detecting malicious Javascript code. Secur. Commun. Networks. Wiley Online Libr. 9(11), 1520–1534 (2016). https://doi.org/10.1002/sec.1441
Canali, D., Balzarotti, D., Francillon, A.: The role of web hosting providers in detecting compromised websites. In: 22nd International Conference on World Wide Web Conference (WWW 2013), Brazil, 13–17 May 2013
Soska, K., Christin, N.: 23rd USENIX Security Symposium (USENIX Security 2014), USA, 20–22 August 2014
Shibahara, T., Takata, Y., Akiyama, M., Yagi, T., Yada, T.: Detecting malicious websites by integrating Malicious, Benign, and compromised redirection subgraph similarities. In: IEEE 41st Annual Computer Software and Applications Conference (COMPSAC), vol. 1, pp. 655–664 (2017)
McEntee, D.: The 10 signs you have a compromised website. https://www.webwatchdog.io/2016/10/21/the-10-signs-youve-a-hacked-or-compromised-website/. Accessed 27 June 2018
Cucu, P.: How malicious websites infect you in unexpected ways. https://heimdalsecurity.com/blog/malicious-websites/. Accessed 30 June 2018
Ravi Kumar, P., Ashutosh, K.S., Anand, M.: A new algorithm for detection of link spam contributed by zero-out-link pages. Turk. J. Electr. Eng. & Comput. Sci. (TUBITAK) 24, 2106–2123 (2016). https://doi.org/10.3906/elk-1401-202
Ravi Kumar, P., Alex Goh, G.L., Ashutosh, K.S., Anand, M.: Efficient methodologies to determine the relevancy of hanging pages using stability analysis. Cybern. Syst. (2016). https://doi.org/10.1080/01969722.2016.1187030
Eduarda, M.R., Natasha, M.F., Martin, H., Gavin, S.: Link structure graph for representing and analyzing web sites. Microsoft Research. (MSR-TR-2006–94) (2006)
Ravi Kumar, P., Alex Goh, K.L., Ashutosh, K.S.: Application of Markov Chain in the PageRank algorithm. Pertanika J. Sci. Technol. 21(2), 541–554 (2013)
Brin, S., Page, L.: The anatomy of a large scale hypertextual web search engine. Comput. Netw. ISDN Syst. 30(1–7), 107–117 (1998)
Gianluca, S., Christopher, K., Giovanni, V.: ACM SIGSAC Conference on Computer & Communications Security, CCS 2013, Germany, 4–8 November 2013
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Ravi Kumar, P., Herbert Raj, P., Jelciana, P. (2019). A Framework to Detect Compromised Websites Using Link Structure Anomalies. In: Omar, S., Haji Suhaili, W., Phon-Amnuaisuk, S. (eds) Computational Intelligence in Information Systems. CIIS 2018. Advances in Intelligent Systems and Computing, vol 888. Springer, Cham. https://doi.org/10.1007/978-3-030-03302-6_7
Download citation
DOI: https://doi.org/10.1007/978-3-030-03302-6_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-03301-9
Online ISBN: 978-3-030-03302-6
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)