Presentation | 2021-03-02 An Efficient Discovery of Malicious URL Using VirusTotal and Web Access Log Chika Hiraishi, Rui Tanabe, Katsunari Yoshioka, Tsutomu Matsumoto, |
---|---|
PDF Download Page | PDF download Page Link |
Abstract(in Japanese) | (See Japanese page) |
Abstract(in English) | The threats of malicious websites are increasing that, urgent countermeasures are needed. Using a block list of known malicious URLs is a standard method against these threats, and number of studies have been conducted to collect malicious URLs from Web access logs. In this paper, we propose a method for efficiently discovering malicious URLs from Web access logs. We abstract high-risk domains from Web access logs by focusing on risky users and risky URL categories, and submit them to VirusTotal, a cloud security service that checks submitted files and URLs, to collect related malicious URLs. Then, we resubmit these URLs to VirusTotal to obtain the latest AV scan results. In the evaluation experiment using a Web access log of 600 users, we show that by focusing on high-risk users and high-risk domain categories, we were able to collect twice as many malicious URLs compared to those when randomly selected. We also confirmed the effect of preventing users from accessing malicious sites by using the collected malicious URLs as a block list. |
Keyword(in Japanese) | (See Japanese page) |
Keyword(in English) | VirusTotal / Malicious URL / Web access log |
Paper # | ICSS2020-55 |
Date of Issue | 2021-02-22 (ICSS) |
Conference Information | |
Committee | ICSS / IPSJ-SPT |
---|---|
Conference Date | 2021/3/1(2days) |
Place (in Japanese) | (See Japanese page) |
Place (in English) | Online |
Topics (in Japanese) | (See Japanese page) |
Topics (in English) | Security, Trust, etc. |
Chair | Hiroki Takakura(NII) |
Vice Chair | Katsunari Yoshioka(Yokohama National Univ.) / Kazunori Kamiya(NTT) |
Secretary | Katsunari Yoshioka(NICT) / Kazunori Kamiya(KDDI labs.) |
Assistant | Keisuke Kito(Mitsubishi Electric) / Toshihiro Yamauchi(Okayama Univ.) |
Paper Information | |
Registration To | Technical Committee on Information and Communication System Security / Special Interest Group on Security Psychology and Trust |
---|---|
Language | JPN |
Title (in Japanese) | (See Japanese page) |
Sub Title (in Japanese) | (See Japanese page) |
Title (in English) | An Efficient Discovery of Malicious URL Using VirusTotal and Web Access Log |
Sub Title (in English) | |
Keyword(1) | VirusTotal |
Keyword(2) | Malicious URL |
Keyword(3) | Web access log |
1st Author's Name | Chika Hiraishi |
1st Author's Affiliation | Yokohama National University(YNU) |
2nd Author's Name | Rui Tanabe |
2nd Author's Affiliation | Institute of Advanced Sciences, Yokohama National University(YNU) |
3rd Author's Name | Katsunari Yoshioka |
3rd Author's Affiliation | Graduate School of Environment and Information Sciences, Yokohama National University/Institute of Advanced Sciences, Yokohama(YNU) |
4th Author's Name | Tsutomu Matsumoto |
4th Author's Affiliation | Graduate School of Environment and Information Sciences, Yokohama National University/Institute of Advanced Sciences, Yokohama(YNU) |
Date | 2021-03-02 |
Paper # | ICSS2020-55 |
Volume (vol) | vol.120 |
Number (no) | ICSS-384 |
Page | pp.pp.172-177(ICSS), |
#Pages | 6 |
Date of Issue | 2021-02-22 (ICSS) |