poster

Context-aware web security threat prevention

Authors:

Yuen-Hsien TsengAuthors Info & Claims

CCS '12: Proceedings of the 2012 ACM conference on Computer and communications security

Pages 992 - 994

https://doi.org/10.1145/2382196.2382302

Published: 16 October 2012 Publication History

Get Access

Abstract

This paper studies the feasibility of an early warning system that prevents users from the dangerous situations they may fall into during web surfing. Our approach adopts behavioral Hidden Markov Models to explore collective intelligence embedded in users' browsing behaviors for context-aware category prediction, and applies the results to web security threat prevention. Large-scale experiments show that our proposed method performs accuracy 0.463 for predicting the fine-grained categories of users' next accesses. In real-life filtering simulations, our method can achieve macro-averaging blocking rate 0.4293 to find web security threats that cannot be detected by the existing security protection solutions at the early stage, while accomplishes a low macro-averaging over-blocking rate 0.0005 with the passage of time. In addition, behavioral HMM is able to alert users for avoiding security threats by 8.4 hours earlier than the current URL filtering engine does. Our simulations show that the shortening of this lag time is critical to avoid severe diffusions of security threats.

References

[1]

Xiang, G., Hong, J., Rose, C. P., and Cranor, L. 2011. CANTINA+: a feature-rich machine learning framework for detecting phishing web sites. ACM T. Inform. Syst. Se. 14, 2 (September. 2011), Article 21. DOI= http://doi.acm.org/10.1145/2019599.2019606.

Digital Library

Google Scholar

[2]

Canali, D., Cova, M., Vigna, G., and Kruegel, C. 2011. Prophiler: a fast filter for the large-scale detection of malicious web pages. In Proceedings of the 20th International Conference on World Wide Web (Hyderabad, India, March 28 -- April 1, 2011). WWW'11. ACM, New York, NY, 197--206. DOI= http://doi.acm.org/10.1145/1963405.1963436.

Digital Library

Google Scholar

[3]

Yu, F., Xie, Y., and Ke, Q. 2010. SBotMiner: large scale search bot detection. In Proceedings of the 3rd ACM International Conference on Web Search and Data Mining (New York City, USA, February 3 - 6, 2010). WSDM'10. ACM, New York, NY, 421--430. DOI= http://doi.acm.org/10.1145/1718487.1718540

Digital Library

Google Scholar

[4]

Ma. J., Saul, L. K., Savage, S., and Voelker, G. M. 2009. Beyond blacklists: learning to detect malicious web sites from suspicious URLs. In Proceedings of the 15th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining (Paris, France, June 28 - July 1, 2009). KDD'09. ACM, New York, NY, 1245--1254. DOI= http://doi.acm.org/10.1145/1557019.1557153.

Digital Library

Google Scholar

[5]

Doupé, A., Boe, B., Kruegel, C., and Vigna, G. 2011. Fear the ear: discovering and mitigating execution after redirect vulnerabilities. In Proceedings of the 18th ACM Conference on Computer and Communications Security (Chicago, IL, USA, October 17 - 21, 2011). CCS'11. ACM, New York, NY, 251--262. DOI= http://doi.acm.org/10.1145/2046707.2046736.

Digital Library

Google Scholar

[6]

Borders, K., and Prakash, A. 2004. Web Tap: detecting covert web traffic. In Proceedings of the 11th ACM Conference on Computer and Communications Security (Washington, DC, USA, October 25 - 29, 2004). CCS'04. ACM, New York, NY, 110--120. DOI= http://doi.acm.org/10.1145/1030083.1030100.

Digital Library

Google Scholar

[7]

Invernizzi, L., Comparetti, P. M., Benvenuti, S., Kruegel, C., Cova, M., and Vigna, G. 2012. EVILSEED: a guided approach to finding malicious web pages. In Proceedings of the 2012 IEEE Symposium on Security and Privacy (San Francisco, CA, USA, May 20 - 23, 2012). SP'12. IEEE, Piscataway, NJ, 428--442. DOI=http://doi.ieeecomputersociety.org/10.1109/SP.2012.33.

Digital Library

Google Scholar

[8]

Trend Micro URL Filtering Module, available online at http://la.trendmicro.com/imperia/md/content/us/pdf/products/enterprise/interscanwebsecuritysuite/ds01urlf040913us.pdf

Google Scholar

Cited By

View all

Lee LLee KChen HTseng YAhn GYung MLi N(2014)POSTERProceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security10.1145/2660267.2662362(1448-1450)Online publication date: 3-Nov-2014
https://dl.acm.org/doi/10.1145/2660267.2662362
Lee LLee KJuan YChen HTseng YChung CBroder AShim KSuel T(2014)Users' behavioral prediction for phishing detectionProceedings of the 23rd International Conference on World Wide Web10.1145/2567948.2577320(337-338)Online publication date: 7-Apr-2014
https://dl.acm.org/doi/10.1145/2567948.2577320

Index Terms

Context-aware web security threat prevention
1. Information systems
  1. Information retrieval
    1. Retrieval tasks and goals
      1. Document filtering
      2. Information extraction

Recommendations

Security Assurance Evaluation and IT Systems' Context of Use Security Criticality

Today's IT systems are ubiquitous and take the form of small portable devices, to the convenience of the users. However, the reliance on this technology is increasing faster than the ability to deal with the simultaneously increasing threats to ...
System security assurance: A systematic literature review
Abstract
System security assurance provides the confidence that security features, practices, procedures, and architecture of software systems mediate and enforce the security policy and are resilient against security failure and attacks. ...
Highlights
- Systematic literature review of security assurance of the ICT and CPSs.
- Study ...
Quantitative security assurance metrics: REST API case studies
ECSA '18: Proceedings of the 12th European Conference on Software Architecture: Companion Proceedings

Security assurance is the confidence that a system meets its security requirements based on specific evidences that an assurance technique provide. The notion of measuring security is complex and tricky. Existing approaches either (1) consider one ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

CCS '12: Proceedings of the 2012 ACM conference on Computer and communications security

October 2012

1088 pages

ISBN:9781450316514

DOI:10.1145/2382196

General Chair:
Ting Yu
North Carolina State University, USA
,
Program Chairs:
George Danezis
Microsoft Research Cambridge, UK
,
Virgil Gligor
Carnegie Mellon University, USA

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 16 October 2012

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Poster

Conference

CCS'12

Sponsor:

SIGSAC

CCS'12: the ACM Conference on Computer and Communications Security

October 16 - 18, 2012

North Carolina, Raleigh, USA

Acceptance Rates

Overall Acceptance Rate 1,234 of 6,846 submissions, 18%

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
544
Total Downloads

Downloads (Last 12 months)7
Downloads (Last 6 weeks)1

Reflects downloads up to 13 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Lee LLee KChen HTseng YAhn GYung MLi N(2014)POSTERProceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security10.1145/2660267.2662362(1448-1450)Online publication date: 3-Nov-2014
https://dl.acm.org/doi/10.1145/2660267.2662362
Lee LLee KJuan YChen HTseng YChung CBroder AShim KSuel T(2014)Users' behavioral prediction for phishing detectionProceedings of the 23rd International Conference on World Wide Web10.1145/2567948.2577320(337-338)Online publication date: 7-Apr-2014
https://dl.acm.org/doi/10.1145/2567948.2577320

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Security Assurance Evaluation and IT Systems' Context of Use Security Criticality

System security assurance: A systematic literature review

Quantitative security assurance metrics: REST API case studies