TY - GEN
T1 - Method of Generating a Blacklist for Mobile Devices by Searching Malicious Websites
AU - Ishihara, Takashi
AU - Sato, Masaya
AU - Yamauchi, Toshihiro
N1 - Publisher Copyright:
© 2020 IEEE.
Copyright:
Copyright 2021 Elsevier B.V., All rights reserved.
PY - 2020/11
Y1 - 2020/11
N2 - As mobile devices have become more popular, mal-ware and attacks directed at them have significantly increased. One of the methods to attack mobile devices is redirecting a user to unwanted websites by unwanted page transition. One of the countermeasures against such attacks is to generate a blacklist of URLs and hostnames, which can prevent access to malicious websites. To generate a blacklist, first, malicious websites are collected in the web space. Then, URLs and hostnames of the malicious websites are added to the blacklist. However, URLs of the malicious websites are typically changed frequently; thus, it is necessary to keep track of the malicious websites and update the blacklist in a timely manner. In this study, we proposed a method to generate blacklists for mobile devices by searching malicious websites. The method collects many HTML files from the web space using a crawler and searches for HTML files that are highly likely to be malicious using keywords extracted from the known malicious websites to discover the new ones. Thus, new malicious websites can be added to the blacklist in a timely manner. Using the proposed method, we discovered malicious websites that were not detected by Google Safe Browsing. Moreover, the blacklist generated using the method had a high detection rate for certain malicious websites. This paper reports the design process and the results of the evaluation of the new method.
AB - As mobile devices have become more popular, mal-ware and attacks directed at them have significantly increased. One of the methods to attack mobile devices is redirecting a user to unwanted websites by unwanted page transition. One of the countermeasures against such attacks is to generate a blacklist of URLs and hostnames, which can prevent access to malicious websites. To generate a blacklist, first, malicious websites are collected in the web space. Then, URLs and hostnames of the malicious websites are added to the blacklist. However, URLs of the malicious websites are typically changed frequently; thus, it is necessary to keep track of the malicious websites and update the blacklist in a timely manner. In this study, we proposed a method to generate blacklists for mobile devices by searching malicious websites. The method collects many HTML files from the web space using a crawler and searches for HTML files that are highly likely to be malicious using keywords extracted from the known malicious websites to discover the new ones. Thus, new malicious websites can be added to the blacklist in a timely manner. Using the proposed method, we discovered malicious websites that were not detected by Google Safe Browsing. Moreover, the blacklist generated using the method had a high detection rate for certain malicious websites. This paper reports the design process and the results of the evaluation of the new method.
KW - Android
KW - Blacklist
KW - Malicious Websites
KW - Web-based Attack
UR - http://www.scopus.com/inward/record.url?scp=85102196881&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85102196881&partnerID=8YFLogxK
U2 - 10.1109/CANDARW51189.2020.00070
DO - 10.1109/CANDARW51189.2020.00070
M3 - Conference contribution
AN - SCOPUS:85102196881
T3 - Proceedings - 2020 8th International Symposium on Computing and Networking Workshops, CANDARW 2020
SP - 328
EP - 333
BT - Proceedings - 2020 8th International Symposium on Computing and Networking Workshops, CANDARW 2020
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 8th International Symposium on Computing and Networking Workshops, CANDARW 2020
Y2 - 24 November 2020 through 27 November 2020
ER -