Zhou Li (Indiana University) "Understanding and detecting malicious web activities" (2014)


News and Resources for Members of the IEEE Signal Processing Society


Zhou Li, Indiana University, "Understanding and detecting malicious web activities", Advisor: Wang XiaoFeng, 2014

The technological progress in today's Web not only fosters a booming Web industry, but also provides new opportunities to criminals who are industrializing their dark business. Capturing the malicious activities launched by attackers is not a trivial task, as attackers' strategies are becoming increasingly sophisticated. In this dissertation research, the author performed a large-scale, systematic study of the behaviors and strategies of web attackers and developed three new techniques for detecting malicious activities in different scenarios. The author first studied an emerging threat in which the attacker abuses the online advertising channel to deliver malicious content to the web client. To mitigate the threat, the author leveraged the topological properties underlying the delivery of malicious ads and built a detector that can automatically catch the malicious activities. The author further studied malicious Web infrastructure, which revealed the existence of dedicated malicious hosts that play orchestrating roles in malicious activities. The author identified the distinctive topological features of these hosts and developed a detection technique to identify them at large scale. Finally, the author examined an attack against vulnerable websites, in which the adversary compromises vulnerable sites and injects redirection scripts that bring visitors to malicious sites. The study shows that attackers blindly place their attack payloads on various web contents, including copies of popular open-source libraries. By comparing those libraries' original copies with compromised ones, the author built a new technique capable of extracting malicious content at large scale.

For details, please contact the author or visit the thesis page.
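The last technique in the abstract, comparing a library's original copy with a compromised one, can be illustrated with a line-level diff. This is an added example, not code from the dissertation, whose actual extraction method is not described on this page; the sample files, function names and marker list are constructed for illustration.

```python
import difflib
import re

# Constructed sample: a clean reference copy of a small library file.
CLEAN = """\
/* tinylib v1.0 (constructed sample) */
function add(a, b) {
  return a + b;
}
"""

# Constructed sample: the same file as served by a site, re-indented and
# with one appended line that is absent from the reference copy.
SERVED = """\
/* tinylib v1.0 (constructed sample) */
function add(a, b) {
    return a + b;
}
document.write('<iframe src="http://redirect.example.invalid/"></iframe>');
"""

def normalize(text):
    """Strip indentation and drop blank lines so that formatting-only
    changes do not show up as differences."""
    return [ln.strip() for ln in text.splitlines() if ln.strip()]

def extract_added(reference, observed):
    """Return the lines present in `observed` but absent from `reference`."""
    ref, obs = normalize(reference), normalize(observed)
    matcher = difflib.SequenceMatcher(a=ref, b=obs, autojunk=False)
    added = []
    for tag, _i1, _i2, j1, j2 in matcher.get_opcodes():
        if tag in ("insert", "replace"):
            added.extend(obs[j1:j2])
    return added

# Illustrative markers (an assumption of this example): constructs that
# merit analyst review when they appear in content added to a library.
REVIEW_MARKERS = re.compile(r"document\.write|<iframe|location\.(href|replace)|eval\(", re.I)

def triage(reference, observed):
    """Pair each added line with whether it contains a review marker."""
    return [(ln, bool(REVIEW_MARKERS.search(ln))) for ln in extract_added(reference, observed)]

if __name__ == "__main__":
    for line, flagged in triage(CLEAN, SERVED):
        print("REVIEW" if flagged else "added ", line)
```

Normalizing before the diff keeps re-indentation from being reported as added content, so only the appended line is extracted and flagged.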
