DigitalWatering Hole Attack Detection Using Sequential Pattern
DOI:
https://doi.org/10.13052/2245-1439.711Keywords:
Watering hole, Relative confidence, Cyber attack, Sequence pattern, PhishingAbstract
Internet plays a vital role in day to day communication, business transactions etc and thus unavoidable. But many of the users are lagging in using the same in a secured manner which increases the possibility of attack. In 2017, Attackers had targeted dozens of global banks with new malware.Watering hole attacks attempt to infect more than 100 organizations in 31 different countries. It is becoming very difficult to detect and prevent the cyber attacks, since new attacks are increasing day by day.Awatering hole attack is a computer attack in which the attacker aims to victim the kind of websites that the target group go to often and checks these websites for vulnerabilities. After that by injecting Java Script or HTMLredirects the victim to a separate site hosting the exploit code for the chosen vulnerability. In this paper, a novel method is proposed to detect the possibility of watering hole attack using support count and confidence of the sequence pattern mining. Further by analysing the website URL links, alarming the users about the watering hole attack.
Downloads
References
Kirda, E., and Kruegel, C. (2005). Protecting users against phishing attacks with antiphish. In Computer Software and Applications Conference, 2005. COMPSAC 2005. 29th Annual International, 1, 517–524. IEEE.
Fette, I., Sadeh, N., and Tomasic, A. (2007). Learning to detect phishing emails. In Proceedings of the 16th international conference on World Wide Web 649–656. ACM.
Barraclough, P., and Sexton, G. (2015). Phishing website detection fuzzy system modelling. In Science and Information Conference (SAI), 2015 1384–1386. IEEE. London, UK, DOI:10.1109/SAI.2015.7237323
Zhang, J., Ou, Y., Li, D., and Xin, Y. (2012). A Prior-based Transfer Learning Method for the Phishing Detection. JNW, 7(8), 1201–1207.
Afroz, S., and Greenstadt, R. (2011, September). Phishzoo: Detecting phishing websites by looking at them. In Semantic Computing (ICSC), 2011 Fifth IEEE International Conference on 368–375. IEEE. DOI:10.1109/ICSC.2011.27
Mahmood Ali, M., and Rajamani, L. (2012). “APD: ARM Deceptive Phishing Detector System Phishing Detection in Instant Messengers Using Data Mining Approach”, In Global Trends in Computing and Communication Systems CCIS 269, 490–502.
Hamid, I. R. A., Abawajy, J., and Kim, T. H. (2013). Using feature selection and classification scheme for automating phishing email detection. Studies in Informatics and Control, 22(1), 61–70.
Na, S. Y., Kim, H., and Lee, D. H. (2014). Prevention schemes against phishing attacks on internet banking systems. International Journal of Advances in Soft Computing & Its Applications, 6(1), 1–5.
Subburaj, T., Suthendran, K., and Arumugam, S. (2017). “Statistical Approach to Trace the Source of Attack Based on the Variability in Data Flows”, In International Conference on Theoretical Computer Science and Discrete Mathematics, 392–400.
Subburaj T., and Suthendran, K. (2017). “Detection and Trace Back of DDoS Attack Based on Statistical Approach”, Journal of Advanced Research in Dynamical & Control Systems, 66–74.
Available at: https://krebsonsecurity.com/tag/watering-hole-attack/
Available at: http://www.symantec.com/connect/blogs/internet-explorer-zero-day-used-watering-hole-attack-qa
Available at: http://www.link-checker-pro.com/
Council on Foreign Relations Website Hit by Watering Hole Attack, “IE Zero-Day Exploit”. Threat posts the first stop for security news. 2012-12-29. Retrieved 2017-04-02.
Attackers target dozens of global banks with new malware. Symantec Security Response. Retrieved 2017-04-02.l
Available at: https://threatpost.com/researchers-find-blackenergy-apt-links-in-expetr-code/126662
