Paper Abstract and Keywords |
Presentation |
2021-03-02 09:35
An Efficient Discovery of Malicious URL Using VirusTotal and Web Access Log Chika Hiraishi, Rui Tanabe, Katsunari Yoshioka, Tsutomu Matsumoto (YNU) ICSS2020-55 |
Abstract |
(in Japanese) |
(See Japanese page) |
(in English) |
The threats of malicious websites are increasing that, urgent countermeasures are needed. Using a block list of known malicious URLs is a standard method against these threats, and number of studies have been conducted to collect malicious URLs from Web access logs. In this paper, we propose a method for efficiently discovering malicious URLs from Web access logs. We abstract high-risk domains from Web access logs by focusing on risky users and risky URL categories, and submit them to VirusTotal, a cloud security service that checks submitted files and URLs, to collect related malicious URLs. Then, we resubmit these URLs to VirusTotal to obtain the latest AV scan results. In the evaluation experiment using a Web access log of 600 users, we show that by focusing on high-risk users and high-risk domain categories, we were able to collect twice as many malicious URLs compared to those when randomly selected. We also confirmed the effect of preventing users from accessing malicious sites by using the collected malicious URLs as a block list. |
Keyword |
(in Japanese) |
(See Japanese page) |
(in English) |
VirusTotal / Malicious URL / Web access log / / / / / |
Reference Info. |
IEICE Tech. Rep., vol. 120, no. 384, ICSS2020-55, pp. 172-177, March 2021. |
Paper # |
ICSS2020-55 |
Date of Issue |
2021-02-22 (ICSS) |
ISSN |
Online edition: ISSN 2432-6380 |
Copyright and reproduction |
All rights are reserved and no part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or any information storage and retrieval system, without permission in writing from the publisher. Notwithstanding, instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. (License No.: 10GA0019/12GB0052/13GB0056/17GB0034/18GB0034) |
Download PDF |
ICSS2020-55 |
|