Title page for etd-0715109-165704


[Back to Results | New Search]

URN etd-0715109-165704
Author Jia-bin Lin
Author's Email Address m953040065@student.nsysu.edu.tw
Statistics This thesis had been viewed 5571 times. Download 1536 times.
Department Computer Science and Engineering
Year 2008
Semester 2
Degree Master
Type of Document
Language zh-TW.Big5 Chinese
Title Anomaly Based Malicious URL Detection in Instant Messaging
Date of Defense 2009-06-17
Page Count 72
Keyword
  • Malicious URL
  • Instant Messaging
  • IM Worms
  • Abstract Instant messaging (IM) has been a platform of spreading malware for hackers due to its popularity and immediacy. To evade anti-virus detection, hacker might send malicious URL message, instead of malicious binary file. A malicious URL is a link pointing to a malware file or a phishing site, and it may then propagate through the victim's contact list. Moreover, hacker sometimes might use social engineering tricks making malicious URLs hard to be identified. The previous solutions are improper to detect IM malicious URL in real-time. Therefore, we propose a novel approach for detecting IM malicious URL in a timely manner based on the anomalies of URL messages and sender's behavior. Malicious behaviors are profiled as a set of behavior patterns and a scoring model is developed to evaluate the significance of each anomaly. To speed up the detection, the malicious behavior patterns can identify known malicious URLs efficiently, while the scoring model is used to detect unknown malicious URLs. Our experimental results show that the proposed approach achieves low false positive rate and low false negative rate.
    Advisory Committee
  • Chia-Mei Chen - chair
  • Chun-I Fan - co-chair
  • D. J. Guan - advisor
  • Files
  • etd-0715109-165704.pdf
  • indicate accessible in a year
    Date of Submission 2009-07-15

    [Back to Results | New Search]


    Browse | Search All Available ETDs

    If you have more questions or technical problems, please contact eThesys