Abstract
Online malicious behavior is performed in a certain kind of pressure, availability of opportunity, and through rationalized way. Web systems are accessed through browser and integrated with database so they usually face many types of vulnerabilities and online threats. The survey is focused on categorization of online malicious behavior on certain web platforms such as education, information technology, finance, and government. The characteristics of malicious behavior are explained. The research purpose is to gather, observe, compare, and study different malicious behavior, detection systems, tools and technologies used, results, and their drawbacks. The numerical observations of malicious behavior are given in order to understand severity of this behavior and its impact. The systems are observed comparatively to point out the challenges. The possible suggestions are mentioned about current requirements in online malicious behavior detection systems. The mind condition behind all malicious behavior is dishonesty and it is contagious by nature. The hybrid detection model is required which will detect malicious behavior in real time, will be flexible enough to configure newly arrived malicious behavior with good accuracy, and will work on multiple domains.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Nilakshi, J., Shwetambari, P., Dhananjay K.: Network security analyzer: detection and prevention of web attacks. Springer International Publishing Switzerland. In: Satapathy, S.C., Das, S. (eds.) Proceedings of First International Conference on Information and Communication Technology for Intelligent Systems, vol. 1. Smart Innovation, Systems and Technologies, vol. 50, pp. 497–505 (2016)
Srijan, K.: Characterization and Detection of Malicious Behavior on the Web. Ph.D. Thesis, pp. 1–225 (2017)
Maeve, D.: Online Harassment. Pew Research Center, pp. 1–65 (2014)
Maeve, D.: Online Harassment. Pew Research Center (2017)
FBI Internet Crime Complaint Center (IC3) annual reports. https://www.ic3.gov/media/annualreports.aspx (2017)
Cheng, J., Bernstein, M., Danescu-Niculescu-Mizil, C., Leskovec, J.: Anyone can become a troll: causes of trolling behavior in online discussions. In: Proceedings of the 20th ACM Conference on Computer-Supported Cooperative Work & Social Computing (2017)
Mazar, N., Amir, O., Ariely, D.: The dishonesty of honest people: a theory of self-concept maintenance. J. Mark. Res. 1–48 (2008)
Katerina, G., Goce, A., Ana, D., Risto, P., Brandon, M.: Characterization and classification of malicious web traffic. Comput. Secur. 42, 92–115 (2014)
Lee, S., Kim, H.: Why people post benevolent and malicious comments online. Commun. ACM 58, 74–79 (2015)
Soojin, Y., Hyun-lock, C., Hanchul, B., Hwankuk, K.: Behavior-based detection for malicious script-based attack. In: Park, J., et al. (eds.), Advances in Computer Science and Ubiquitous Computing, Lecture Notes in Electrical Engineering, pp. 97–103. Springer Nature Singapore (2017)
Poornachandran, P., Balagopal, N., Pal, S., Ashok, A., Sankar, P., Krishnan, M.R.: Demalvertising: a kernel approach for detecting malwares in advertising networks. In: Mandal, J.K., et al. (eds.) Proceedings of the First International Conference on Intelligent Computing and Communication, Advances in Intelligent Systems and Computing, vol. 458, pp. 215–224. Springer Science+Business Media Singapore (2017)
Amant, R.S., Robert, D.L.: Natural interaction for bot detection. Natural Web Interfaces. IEEE Internet Comput. 20, 69–73 (2016)
Maheswari, K.G., Anita, R.: An intelligent detection system for SQL attacks on web IDS in a real-time application. In: Proceedings of the 3rd International Symposium on Big Data and Cloud Computing Challenges (ISBCC—16’), Smart Innovation, Systems and Technologies, vol. 49, pp. 93–99. Springer International Publishing Switzerland (2016)
Noam, A., Cleotilde, G.: Effects of cyber security knowledge on attack detection. Comput. Hum. Behav. 48, 51–61 (2015)
David, Z., Issa, T., Bassam, S., Wei, L., Sherif, S., Ali, G., Dan, G.: Botnet detection based on traffic behavior analysis and flow intervals. Comput. Secur. 39, 2–16 (2013)
Kristof, S., Marius, K., Alexander, B., Rieck, K.: Early detection of malicious behavior in JavaScript code. In: AISec’12, pp. 15–24. ACM (2012)
Yinxing, X., Junjie, W., Yang, L., Hao, X., Jun, S., Mahinthan C., Detection and classification of malicious JavaScript via attack behavior modelling. In: ISSTA’15, pp. 48–59. ACM (2015)
Inyong, L., Soonki, J., Sangsoo, Y., Jongsub, M.: A novel method for SQL injection attack detection based on removing SQL query attribute values. Math. Comput. Model. 55, 58–68 (2012)
Web Application Attack Statistics, pp. 1–11, Q1 (2017)
Thiyab, R., Ali, M., Basil, F.: The impact of SQLIAs on the security of databases. In: Proceedings of 6th ICOCI, no. 80, pp. 323–331 (2017)
Ashish, D., Sanjay, J.: Neutralizing SQL injection attack using server side code modification in web applications. Hindawi, Secur. Commun. Netw. Research Article 1–12 (2017)
Victor, P., Kim, C., Helen, A.: Context-oriented web application protection model. Appl. Math. Comput. 285, 59–78 (2016)
Valeur, F., Mutz, D., Vigna, G.: A learning-based approach to the detection of SQL attacks
Subrahmanian, V.S., Kumar, S.: Predicting human behavior: the next frontiers. Science 355(6324), 489 (2017)
Singh, P., Singh, M.: Fraud detection by monitoring customer behavior and activities. IJCA 111(11), 23–32 (2015)
William, H., Jeremy, V., Alessandro, O.: A classification of SQL injection attacks and countermeasures, pp 1–11. IEEE (2006)
Roshni, C., Manoj, M., Santhi, T., Dipankar, S.: SQL injection attack mechanisms and prevention techniques. In: ADCONS, pp. 524–533. Springer, Berlin (2012)
Jai, S.: Analysis of SQL injection detection techniques. Theor. Appl. Inform. 28(1 & 2), 37–55 (2016)
Atefeh, T., Maslin, M., Mohammad, H., Suhaimi, I.: SQL injection detection and prevention tools assessment, pp. 518–522. IEEE (2010)
SQL Injection Attacks: Detection in a Web Application Environment, DB Networks, www.dbnetworks.com, pp. 1–13 (2016)
Manisha, B., Vanita, M.: Protection of web application against SQL injection attack. Int. J. Sci. Res. Publ. 3(10), 1–5 (2013)
Liu, Huan, Morstatter, Fred, Tang, Jiliang, Zafarani, Reza: The good, the bad, and the ugly: uncovering novel research opportunities in social media mining. Int. J. Data Sci. Anal. 1(3–4), 137–143 (2016)
Viswanath, B., et al.: An analysis of social network-based sybil defenses. In: Proceedings of SIGCOMM, pp. 363–374. ACM (2010)
Long, J., Yang, C., Tianyi, W., Pan, H., Athanasios, V.: Understanding user behavior in online social networks: a survey. IEEE Commun. Mag. 51, 144–150 (2013)
https://www.nytimes.com/2011/10/06/opinion/fraud-and-online-learning.html
David, B.: Fraud and Distance Education, Session 60
Fraud and Role of Information Technology (2008)
The impacts of fraud on Information Technology. Essay, https://www.ukessays.com/essays/information-technology/the-impacts-of-fraud-on-information-technology-information-technology-essay.php (2015)
Ever increasing fraud risks in the IT and ITeS sector. Fraud Investigation and Dispute Services, ERNST & young, pp. 1–12
da Cunha, J.V.A., Cornachione, E.B.: Frauds and information technology: analysis of the influence on accounting and company systems. In: IFIP Springer Book Series, vol. 105, pp. 179–193 (2003)
Fighting Online Fraud: An Industry Perspective, vol. 3, pp. 1–8. ACI Universal Payments
Current fraud trends in the financial sector. ASSOCHAM India, pp. 1–28 (2015)
Singh, C., Pattanayak, D., et al.: Frauds in Indian banking industry. IIMB-WP NO. 505, pp. 1–24 (2016)
Deloitte, Indian Fraud Survey (2014)
“Online Fraud”, National Audit Office, pp. 1–50 (2017)
“Online fraud: increased threats in a real-time world”, SAS, pp. 1–4
https://www.acorn.gov.au/learn-about-cybercrime/online-scams-or-fraud
“As fake website scams abound, a government registry for Indian internet domains may be in the works”, Scroll.in, Article, Nov. 2017
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Deshpande, D.S., Deshpande, S.P., Thakare, V.M. (2019). Detection of Online Malicious Behavior: An Overview. In: Hu, YC., Tiwari, S., Mishra, K., Trivedi, M. (eds) Ambient Communications and Computer Systems. Advances in Intelligent Systems and Computing, vol 904. Springer, Singapore. https://doi.org/10.1007/978-981-13-5934-7_2
Download citation
DOI: https://doi.org/10.1007/978-981-13-5934-7_2
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-13-5933-0
Online ISBN: 978-981-13-5934-7
eBook Packages: EngineeringEngineering (R0)