期刊文献+

恶意网页识别研究综述 预览 被引量:15

Survey on Malicious Webpage Detection Research
在线阅读 下载PDF
收藏 分享 导出
摘要 近年来,随着互联网的迅速发展以及网络业务的不断增长,恶意网页给人们的个人隐私和财产安全造成的威胁日趋严重.恶意网页识别技术作为抵御网络攻击的核心安全技术,可以帮助人们有效避免恶意网页引起的安全威胁,确保网络安全.文中从理论分析和方法设计两方面介绍了恶意网页识别的最新研究成果.在理论分析层面,从恶意网页的基本概念和形式化定义出发,对恶意网页识别的应用场景、基本框架及评价方法进行全面的归纳,并总结了恶意网页识别的理论依据及性能评价指标.在方法设计层面,对具有影响力的恶意网页识别方法进行了介绍和归类,对不同类别的识别方法进行了定性分析和横向比较.在总结恶意网页识别研究现状的基础上,从客观环境的变化以及逃逸技术的升级两方面深入探讨了当前恶意网页识别面临的技术挑战.最后总结并展望了恶意网页识别的未来发展方向. In recent years, with the rapid development of Internet and the increasing growth of network services and security needs, the existence of malicious web pages have become a much more serious problem for personal privacy and property safety. As one of the key technologies to resist network attacks, the detection techniques for malicious web pages can effectively help people avoid potential security threats and thus ensure the network security. In this paper, we describe the latest research achievements from theory to practice. It starts from the introduction of the formal definition of malicious web pages, and followed by concluding the detection techniques' application scenarios, basic framework and evaluation principles. Then, it introduces several typical detection schemes, classifies them into categories, and finally puts them to a horizontal comparison. Based on the understanding of the research status in malicious web page detection schemes, this paper presents an in-depth discussion of the current challenges in which people have to face, including both dynamical changes of the objective environments and upgrades of the escape techniques. Finally, it looks into the future of this field.
作者 沙泓州 刘庆云 柳厅文 周舟 郭莉 方滨兴 SHA Hong-Zhou, LIU Qing-Yun, LIU Ting-Wen, ZHOU Zhou, GUO Li, FANG Bin-Xing (1 institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093;2School of Computer Science, Beijing University of Posts and Telecommunications, Beijing 100876) ; 3National Engineering Laboratory for Information Security Technology, Beijing 100093)
出处 《计算机学报》 EI CSCD 北大核心 2016年第3期529-542,共14页 Chinese Journal of Computers
基金 中国科学院战略性先导科技专项(XDA06030200) 国家科技支撑计划(2012BAH46B02) 国家自然科学基金项目(61402474)资助.
关键词 恶意网页识别 网页分类 机器学习 逃逸技术 malicious web page detection web page classification machine learning escape technology
  • 相关文献

参考文献61

  • 1Mahmoud K, Youssef I, Andrew J. Phishing detection: A literature survey. IEEE Communications Surveys & Tutorials, 2013, 15(4): 2091-2121. 被引量:1
  • 2Paul K, Georgia K, Hector G M. Fighting spam on social Web sites a survey of approaches and future challenges. IEEE Internet Computing, 2007, 11(6): 36-45. 被引量:1
  • 3Priya M, Sandhya L, Ciza T. A static approach to detect drive-by-download attacks on Webpages//Proceedings of the International Conference on Control Communication and Computing. Xi'an, China, 2013:298-303. 被引量:1
  • 4Mavrommatis N P P, Monrose M A R F. All your iframes point to us//Proceedings of the 17th USENIX Security Symposium. San Jose, USA, 2008:1-22. 被引量:1
  • 5Ma J, Saul L K, Savage S, Voetker G M. Beyond blacklists: Learning to detect malicious Web sites from suspicious URLs//Proceedings of the 15th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. New York, USA, 2009: 1245-1253. 被引量:1
  • 6Ma J, Saul L K, Savage S, Voelker G M. Identifying suspi- cious URLs: An application of large-scale online learning// Proceedings of the 26th Annual International Conference on Machine Learning. Montreal, Canada, 2009:681-688. 被引量:1
  • 7Ma J, Saul L K, Savage S, Voelker G M. Learning to detect malicious URLs. ACM Transactions on Intelligent Systems and Technology, 2011, 2(3): 1-24. 被引量:1
  • 8Canali D, et al. Prophiler: A fast filter for the large-scale detection of malicious Web pages//Proceedings of the 20th International Conference on World Wide Web. Hyderabad, India, 2011:197-206. 被引量:1
  • 9Thomas K, et al. Design and evaluation of a real-time URL spam filtering service//Proceedings of the IEEE Symposium on Security and Privacy. Oakland, USA, 2011:447-462. 被引量:1
  • 10Yadav S, Reddy A K K, Reddy A L, et al. Detecting algorithmic.ally generated malicious domain names//Proeeedings of the 10th ACM SIGCOMM Conference on Internet Measurement. New York, USA, 2010:48-61. 被引量:1

二级参考文献240

  • 1张艳军,陈友,郭莉,程学旗.基于决策树的递归包分类算法[J].北京邮电大学学报,2006(z2):45-48. 被引量:1
  • 2程杰仁,殷建平,刘运,钟经伟.蜜罐及蜜网技术研究进展[J].计算机研究与发展,2008(z1):375-378. 被引量:31
  • 3张慧琳,诸葛建伟,宋程昱,韩心慧,邹维,.基于网页动态视图的网页木马检测方法[J].清华大学学报:自然科学版,2009,0(S2):2126-2132. 被引量:8
  • 4曹爱娟,刘宝旭,许榕生.网络陷阱与诱捕防御技术综述[J].计算机工程,2004,30(9):1-3. 被引量:26
  • 5Varghese G. Network Algorithmics= An Interdisciplinary Approach to Designing Fast Networked Devices. New York: Morgan Kaufmann Publishers, 2005. 被引量:1
  • 6Chao J, Liu B. High Performance Switches and Routers. New York: Wiley, 2007. 被引量:1
  • 7徐恪,吴建平,徐明伟.高等计算机网络:体系结构、协议机制、算法设计与路由器技术.第2版.北京:机械工业出版社,2009. 被引量:1
  • 8Casado M, Freedman M J, Pettit J, Luo J, McKeown N Shenker S. Ethane: Taking control of the enterprise//Pro ceedings of the ACM SIGCOMM. New York, USA, 2007 I 12. 被引量:1
  • 9Joseph D, Tavakoli A, Stoica I. A policy aware switching layer for data centers//Proceedings of the ACM SIGCOMM. Seattle, USA, 2008:51 62. 被引量:1
  • 10Koponen T, Casado M, Gude N, Stribling J, Poutievski L, Zhu M, Ramanathan R, Iwata Y, Inoue H, Hama T, Shen- ker S. ()nix: A distributed control platform for large-scale production networks//Proeeedings of the 9th USENIX Sym posium on Operating Systems Design and Implementation (OSDI 10). Vancouver, Canada, 2010:351-364. 被引量:1

共引文献164

同被引文献59

引证文献15

二级引证文献30

投稿分析
职称考试

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部 意见反馈