Automated Detection of Drive-By Download Attack
Description
To extract features of drive-by download traffic, we develop a system for visualizing the flow of HTTP traffic. Based on the typical behavior observed in malicious connections, we propose an automated detection system that classifies drive-by downloads using logical conditions on features such as the redirection method and the object size. Our detection uses decision tree learning with an optimal threshold for the learning data and successfully detects malicious connections with an accuracy of 0.06 false negative and 0 false positive.
Published in
2015 9th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing 511-515, 2015-07-01
IEEE