Sage Journals: Discover world-class research

Abstract

Nowadays, World Wide Web is an absolutely necessary and inevitable part in the life of all people all over the world which they are using Internet online services routinely to save and manage their sensitive information. On the other hand, the attackers' tendency is increasing to set up web-based client-side attacks. Because of the easiness of making these type of attacks, efficient and accurate detection of malicious web pages is one of the most important and critical strategies in the network security domain. In this paper, we present a model for detection of malicious web pages based on ensemble learning. Our major purpose of applying the idea of ensemble in the learning process is to provide more learning chance to the data instances, which are misclassified by previous classifiers. Therefore, it causes to reduce the classifiers error rate and finally leads to improve the malicious web pages classification accuracy. For doing this, we propose an ensemble approach which uses evolutionary reasoning to achieve improvement of classification accuracy in the detection of malicious web pages. We assign weight to the base classifiers and use an optimization technique based on genetic algorithm to select the best committee members of classifiers to make an optimal ensemble for classification of web pages. The obtained results from the implementing of our proposed ensemble method with different base classifiers illustrate that this algorithm leads to the classification accuracy improvement in all test cases. The most improvement is related to using SVM as the base classifier, which was 12.5%. Moreover, the maximum classification accuracy belongs to the proposed ensemble method using REPTree as the base classifier and it was 95.38%.

Keywords

Malicious web pages web-based client-side attacks evolutionary learning ensemble learning

Get full access to this article

View all access options for this article.

References

Lam Le

, Welch

, Gao

and Komisarczuk

, Two-stage Classification Model to Detect Malicious Web Pages, International Conference on Advanced Information Networking and Applications, 2011.

Christodorescu

, Jha

, Seshia

S.A.

, Song

and Bryant

R.E.

, Semantics Aware Malware Detection, IEEE symposium on security and privacy, 2005, pp. 32-46.

Hou

Y.T.

, Chang

, Chen

, Laih

C.S.

and Chen

C.M.

, Malicious Web Content Detection by Machine Learning, Expert Systems with Applications 3(1) (2010), 55-60.

Cova

, Kruegel

Ch.

and Vigna

, Detection and Analysis of Drive-by-download Attacks and Malicious Javascript Code. In Proceedings of WWW, 2010, pp. 281-290.

Bergholz

, Chang

J.-H.

, Paaß

, Reichartz

and Strobel

, Improved Phishing Detection using Model-Based Features, Conference on Email and Anti-Spam (CEAS), 2008.

Araujo

and Martinez-Romo

, Web Spam Detection: New Classification Features Based on Qualified Link Analysis and Language Models, IEEE Transactions on Information Forensics and Security 5(3) (2010).

Seifert

, Welch

and Komisarczuk

, Identification of Malicious Web Pages with Static Heuristics, IEEE Australasian Telecommunication Networks and Applications Conference, ATNAC, 2008, pp. 91-96.

Eshete

, Villafiorita

and Weldemariam

, BINSPECT: Holistic Analysis and Detection of Malicious Web Pages, Springer in Security and Privacy in Communication Networks 106 (2013), 149-166.

, Saul

L.K.

, Savage

and Voelker

G.M.

, Learning to Detect Malicious URLs, ACM Transactions on Intelligent Systems and Technology (TIST) 2(3) (2011).

10.

Byung-Ik

, Chae-Tae

and Hyun-Chul

, Suspicious Malicious Web site Detection with Strength Analysis of a Javascript Obfuscation, International Journal of Advanced Science and Technology 26 (2011), 19-32.

11.

Dewald

, Holz

and Freiling

F.C.

, Adsandbox, Sandboxing Javascript to Fight Malicious Websites, ACM Symposium on Applied Computing (2010), 1859-1864.

12.

Qassrawi

M.T.

and Zhang

, Detecting Malicious Web Servers with Honeyclients, Journal of Networks 6(1) (2011), 145-115.

13.

Yue

, Sun

and Chen

, Fine-Grained Mining and Classification of Malicious Web Pages, IEEE Fourth International Conference on Digital Manufacturing & Automation, 2013.

14.

, Saul

L.K.

, Savage

and Voelker

G.M.

, Beyond Blacklists: Learning to Detect Malicious Web sites from Suspicious URLs, 15th ACM International Conference on Knowledge Discovery and Data mining, Paris, France, 2009.

15.

Canali

, Cova

, Vigna

and Kruegel

, Prophiler: A Fast Filter for the Large-Scale Detection of Malicious Web Pages, In Proceedings of WWW, 2011, pp. 97-206.

16.

Choi

, Zhu

and Lee

, Detecting Malicious Web Links and Identifying their Attack Types, Proceedings of the 2nd USENIX conference on Web application development, 2011.

17.

Chiba

, Tobe

, Mori

and Goto

Sh.

, Detecting Malicious Websites by Learning IP Address Features, IEEE/IPSJ 12th International Symposium on Applications and the Internet, 2012.

18.

Melville

and Mooney

R.J.

, Constructing Diverse Classifier Ensembles Using Artificial Training Examples. 8th International Joint Conference on Artificial Intelligence (IJCAI), 2003, pp. 505-510.

19.

Kazemian

H.B.

and Ahmed

, Comparisons of Machine Learning Techniques for Detecting Malicious Webpages, Expert Systems with Applications 42(3) (2015), 1166-117715.

20.

Malware Domain List, A Non-Commercial Community Project Contain List of Malicious Domains, Available at http: //www.malwaredomainlist.com, access date: 5/31/2016.

21.

The DNS-BH Project Contains a Listing of Domains that are known to be used to Propagate Malware and Spyware, Available at http://www.malwaredomains.com, access date: 5/31/2016.

22.

hpHosts, A Community Managed and Maintained Hosts File that Allows an Additional Layer of Protection Against Access to Ad, Tracking and Malicious Websites, Available at http://hosts-file.net, access date: 5/31/2016.

23.

Maimon

and Rokach

, Data Mining and Knowledge Discovery Handbook, 2nd Edition, Springer Publishing, 2010.

24.

Taghavi

Z.S.

and Sajedi

, Ensemble pruning based on oblivious chained tabu searches, 12(3) (2016), 131-143.

25.

Menahem

, Shabtai

, Rokach

and Elovici

, Improving Malware Detection by Applying Multi-Inducer Ensemble, Computational Statistics & Data Analysis 53(4) (2009), 1483-1494.

26.

Moskovitch

, Elovici

and Rokach

, Detection of Unknown Computer Worms Based on Behavioral Classification of the Host, Computational Statistics and Data Analysis 52(9) (2008), 4544-4566.

27.

Zhang

, Yin

, Hao

, Zhang

and Wang

, Malicious Codes Detection Based on Ensemble Learning, Autonomic and Trusted Computing 4610 (2007), 468-277.

28.

Mukkamalaa

, Sunga

A.H.

and Abrahamb

, Intrusion Detection Using an Ensemble of Intelligent Paradigms, Journal of Network and Computer Applications 28 (2005), 167-182.

29.

Kuncheva

L.I.

, Combining Pattern Classifiers: Methods and Algorithms, Wiley Press, 2005.

30.

T.K.

, The Random Subspace Method for Constructing Decision Forests, IEEE Transactions on Pattern Analysis and Machine Intelligence 20(8) (1998), 832-844.

31.

Wozniak

and Jackowski

, Some Remarks on Chosen Methods of Classifier Fusion Based on Weighted Voting, 4th International Conference on Hybrid Artificial Intelligence Systems 5572 (2009), 541-548.

32.

Breiman

, Bagging Predictors, Machine Learning 24(2) (1996), 123-140.

33.

Freund

and Schapire

, A Decision-Theoretic Generalization of On-line Learning and an Application to Boosting, Journal of Computer and Systems Sciences 55(1) (1997), 119-139.

34.

Rodriguez

and Kuncheva

L.I.

, Rotation Forest: A New Classifier Ensemble Method, IEEE Transactions on Pattern Analysis and Machine Intelligence 28(10) (2006), 1619-1630.

Detection of malicious web pages by evolutionary ensemble learning

Abstract

Keywords

Get full access to this article

References