Abstract
Most existing work to thwart malicious web pages capture maliciousness via discriminative artifacts, learn a model, and detect by leveraging static and/or dynamic analysis. Unfortunately, there is a two-sided evolution of the artifacts of web pages. On one hand, cybercriminals constantly revamp attack payloads in malicious web pages. On the other hand, benign web pages evolve to improve content rendering and interaction with users. Consequently, the onceprecise detection techniques suffer from limitations to cope with the evolution, resulting in malicious web pages that escape detection. In this paper, we present EINSPECT, an evolution-aware and learning-based approach to address evolution of web page artifacts to more precisely analyze and detect malicious web pages. EINSPECT continuously tunes its detection models to automatically decide the best interplay of features and learning algorithms to embrace the evolution of web page artifacts into the analysis and detection. We have implemented and evaluated our approach and the results show that EINSPECT is able to improve the effectiveness of analysis and detection ofmalicious web pages while aligning the detection models with the continuous evolution of web page artifacts.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
