Social network analysis of malicious websites for detection and characterization

2019
Aldemir, Muhsin
Malicious websites pose major risks to users and businesses, including economic damage, privacy breaches and loss of valuable data. Malicious actors use websites as a spreading medium to pursue their aims. Analyzing the relationships between malicious websites and comparing them to benign ones can help in understanding the problem better and enable more accurate detection and prevention of these websites. This thesis focuses on the detection and characterization of malicious websites using Social Network Analysis (SNA). SNA provides powerful methodologies for discovering and visualizing the relationships between actors. Using the links between and among malicious and benign websites, graphs were constructed whose nodes were websites and whose ties were hyperlinks between them. For this purpose, data including a snapshot of the pairwise links among hundreds of thousands of websites, the list of malicious websites and their types was obtained from the web. First, networks of malicious websites were formed. Then, using these networks, new analyses were carried out to efficiently find malicious websites and their types based on their network structures and link similarities. Results are presented showing the detection accuracies of the applied methods.

Suggestions

Malicious code detection: run trace analysis by LSTM
Şırlancı, Melih; Acartürk, Cengiz; Gürkan Balıkçıoğlu, Pınar; Department of Cybersecurity (2021-6)
Malicious software threats and their detection have been gaining importance as a subdomain of information security due to the expansion of ICT applications in daily settings. A major challenge in designing and developing anti-malware systems is the coverage of the detection, particularly the development of dynamic analysis methods that can detect polymorphic and metamorphic malware efficiently. In the present study, we propose a methodological framework for detecting malicious code by analyzing run trace ou...
Automatic detection of cyber security events from Turkish twitter stream and Turkish newspaper data
Ural, Özgür; Acartürk, Cengiz; Department of Cyber Security (2019)
Cybersecurity experts scan the internet and face security events that influence users, institutions, and governments. An information security analyst regularly examines sources to stay up to date on security events in her/his domain of expertise. This may lead to a heavy workload for the information analysts if they do not have proper tools for security event investigation. For example, an information analyst may want to stay aware of cybersecurity events, such as a DDoS (Distributed Denial of Service) atta...
A new approach for reactive web usage data processing
Bayir, Murat Ali; Toroslu, İsmail Hakkı; Coşar, Ahmet (2006-01-01)
© 2006 IEEE. Web usage mining exploits data mining techniques to discover valuable information from navigation behavior of World Wide Web (WWW) users. The required information is captured by web servers and stored in web usage data logs. The first phase of web usage mining is the data processing phase. In the data processing phase, first, relevant information is filtered from the logs. After that, sessions are reconstructed by using heuristics that select and group requests belonging to the same user session...
A faster intrusion detection method for high-speed computer networks
Tarım, Mehmet Cem; Schmidt, Şenan Ece; Department of Electrical and Electronics Engineering (2011)
The malicious intrusions to computer systems result in the loss of money, time and hidden information which require deployment of intrusion detection systems. Existing intrusion detection methods analyze packet payload to search for certain strings and to match them with a rule database which takes a long time in large size packets. Because of buffer limits, packets may be dropped or the system may stop working due to high CPU load. In this thesis, we investigate signature based intrusion detection with sig...
Automatic detection of cyber security events from turkish twitter stream and newspaper data
Ural, Özgür; Acartürk, Cengiz (2021-01-01)
Cybersecurity experts scan the internet and face security events that influence users and institutions. An information security analyst regularly examines sources to stay up to date on security events in the domain of expertise. This may lead to a heavy workload for the information analysts if they do not have proper tools for security event investigation. For example, an information analyst may want to stay aware of cybersecurity events, such as a DDoS (Distributed Denial of Service) attack on a government ...
Citation Formats
M. Aldemir, “Social network analysis of malicious websites for detection and characterization,” Thesis (M.S.) -- Graduate School of Informatics. Information Systems., Middle East Technical University, 2019.