Ishihara, Takashi Graduate School of Natural Science and Technology, Okayama University
Sato, Masaya Graduate School of Natural Science and Technology, Okayama University ORCID Kaken ID publons researchmap
Yamauchi, Toshihiro Graduate School of Natural Science and Technology, Okayama University
As mobile devices have become more popular, malware and attacks directed at them have significantly increased. One of the methods to attack mobile devices is redirecting a user to unwanted websites by unwanted page transition. One of the countermeasures against such attacks is to generate a blacklist of URLs and hostnames, which can prevent access to malicious websites. To generate a blacklist, first, malicious websites are collected in the web space. Then, URLs and hostnames of the malicious websites are added to the blacklist. However, URLs of the malicious websites are typically changed frequently; thus, it is necessary to keep track of the malicious websites and update the blacklist in a timely manner. In this study, we proposed a method to generate blacklists for mobile devices by searching malicious websites. The method collects many HTML files from the web space using a crawler and searches for HTML files that are highly likely to be malicious using keywords extracted from the known malicious websites to discover the new ones. Thus, new malicious websites can be added to the blacklist in a timely manner. Using the proposed method, we discovered malicious websites that were not detected by Google Safe Browsing. Moreover, the blacklist generated using the method had a high detection rate for certain malicious websites. This paper reports the design process and the results of the evaluation of the new method.
© 2020 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
This fulltext is available in Nov. 2022.
7th International Workshop on Information and Communication Security (WICS 2020), Naha, Japan, 24-27 Nov. 2020
2020 Eighth International Symposium on Computing and Networking Workshops (CANDARW)
© 2020 IEEE