Anomaly behavior analysis of website vulnerability and security

Pratik Satam, Douglas Kelly, Salim Hariri

Research output: Chapter in Book/Report/Conference proceedingConference contribution

6 Scopus citations

Abstract

The world wide web has grown exponentially over the previous decade in terms of its size that is currently over a billion sties, as well as the number of users. In fact, web usage has become pervasive to touch all aspects of our life, economy and education. These rapid advances have also significantly increase the vulnerabilities of websites that are being hacked on a daily basis. According to White Hat security's '2015 Website Security Statistics Report' more than 86% of all websites have one or more critical vulnerability and the likelihood of information leakage is 56%. With no effective website security measures in place, one can expect the website security to be even more critical. The main research goal of this paper is to overcome this challenge by presenting an online anomaly behavior analysis of websites (e.g., HTML files) to detect any malicious codes or pages that have been injected by web attacks. Our anomaly analysis approach utilizes feature selection, data mining, data analytics and statistical techniques to identify accurately the webpage contents that have been compromised or can be exploited by attacks such as phishing attacks, cross site scripting attacks, html injection attacks, malware insertion attacks, just to name a few. We have validated our approach on more than 10,000 files and showed that our approach can detect malicious HTML files with a true positive rate of 99% and a false positive rate of 0.8% for abnormal files.

Original languageEnglish (US)
Title of host publication2016 IEEE/ACS 13th International Conference of Computer Systems and Applications, AICCSA 2016 - Proceedings
PublisherIEEE Computer Society
ISBN (Electronic)9781509043200
DOIs
StatePublished - Jul 2 2016
Event13th IEEE/ACS International Conference of Computer Systems and Applications, AICCSA 2016 - Agadir, Morocco
Duration: Nov 29 2016Dec 2 2016

Publication series

NameProceedings of IEEE/ACS International Conference on Computer Systems and Applications, AICCSA
Volume0
ISSN (Print)2161-5322
ISSN (Electronic)2161-5330

Other

Other13th IEEE/ACS International Conference of Computer Systems and Applications, AICCSA 2016
Country/TerritoryMorocco
CityAgadir
Period11/29/1612/2/16

Keywords

  • Data analysis
  • Deision fusion
  • Feature extraction
  • HTMl
  • Machine learning
  • Static analysis

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Computer Science Applications
  • Hardware and Architecture
  • Signal Processing
  • Control and Systems Engineering
  • Electrical and Electronic Engineering

Fingerprint

Dive into the research topics of 'Anomaly behavior analysis of website vulnerability and security'. Together they form a unique fingerprint.

Cite this