News‎ > ‎

Lab paper "Detection of hidden fraudulent URLs..."

posted May 16, 2013, 12:21 AM by Alberto Bartoli   [ updated May 16, 2013, 1:16 AM by Eric Medvet ]
Other great news: our work "Detection of Hidden Fraudulent URLs within Trusted Sites using Lexical Features" has been accepted at a prestigious security conference (ARES 2013).

In this work we developed a methodology for detecting fraudulent pages within trusted sites, that is, pages created by attackers within web sites of trusted organizations and placed at URLs at which no page is supposed (by the administrators of those sites) to exist. 

Our methodology allows detecting those fraudulent pages based solely on the structure of the URL, that is, without actually fetching the page.

The problem is highly relevant for many reasons, including: HTTPS does not provide any defense in this respect (the fraudulent pages are hosted on sites that, from HTTPS point of view, are authenticated and with content integrity); our recent large-scale analysis at sites of the Italian Public Administration showed that these sites do contain pages that should not be there.