Abstract
The classification of the massive number of malicious software variants into families is a challenging problem faced by the network community. In this paper we introduce a hybrid technique that combines frequent pattern mining with a classification technique to detect malicious campaigns. We provide a novel approach to preparing malicious datasets containing URLs for training the supervised learning classification method. We have investigated the performance of our system, which employs a frequent pattern tree and a Support Vector Machine, on a real database of malicious data taken from numerous devices located in many organizations and serviced by CERT Polska. The results of extensive experiments show the effectiveness and efficiency of our approach in detecting malicious web campaigns.

The work was supported by the EU FP7 grant No. 608533 (NECOMA) and “Information technologies: Research and their interdisciplinary applications”, POKL.04.01.01-00-051/10-00.
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Kruczkowski, M., Niewiadomska-Szynkiewicz, E., Kozakiewicz, A. (2015). FP-tree and SVM for Malicious Web Campaign Detection. In: Nguyen, N., Trawiński, B., Kosala, R. (eds) Intelligent Information and Database Systems. ACIIDS 2015. Lecture Notes in Computer Science, vol 9012. Springer, Cham. https://doi.org/10.1007/978-3-319-15705-4_19
DOI: https://doi.org/10.1007/978-3-319-15705-4_19
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-15704-7
Online ISBN: 978-3-319-15705-4
eBook Packages: Computer Science, Computer Science (R0)