Target Website Research Articles

A Hybrid Framework for Improved Weighted Quantum Particle Swarm Optimization and Fast Mask Recurrent CNN to Enhance Phishing-URL Prediction Performance

Phishing websites are cybercrimes that aim to collect confidential data, including bank card numbers, bank accounts, and credentials. To detect phishing sites, specialists must extract the elements of the websites and utilize third-party resources. One of the drawbacks of these methods is that identifying phishing characteristics takes a lot of effort and knowledge. Second, the recognition of phishing websites is delayed when third-party services are used. A novel detecting system Improved Weighted Quantum Particle Swarm Optimisation (IWQPSO) and Fast Mask Recurrent Convolutional Neural Network (FMRCNN) proposed to strengthen and empower the technique of identifying phishing URLs. The proposed model does not require the retrieval of target website content or the use of any third-party services. Phishing attacks continue to pose significant cyber-security threats, particularly through deceptive URLs. This study proposes a novel approach to enhance phishing-URL prediction using a hybrid methodology. The method integrates an IWQPSO-FMRCNN. The IWQPSO algorithm is leveraged to optimize the weights and parameters of the FMRCNN model, enhancing its performance in distinguishing between legitimate and phishing URLs. By combining the strengths of evolutionary optimization and deep learning, the proposed approach aims to achieve higher accuracy 99.3%, precision 94.6%, F1-Score 96.7%, Recall 98.2% and AUC score 97.9% in detecting phishing URLs compared to existing methods. Experimental results demonstrate the effectiveness of the proposed hybrid method in improving phishing-URL prediction performance, providing a promising avenue for enhancing cyber-security measures against online threats.

WebDraw: A machine learning-driven tool for automatic website prototyping

To overcome the time-consuming nature and improve the cost-effectiveness of classical web development, being automatic is the most convenient alternative recent researchers suggest. Over the years, researchers have been working on inventing new approaches to generating websites automatically. In this paper, a novel approach is presented that automates the website generation process by incorporating web designer best practices and driving new prototype websites without the significant effort of redesigning websites. It takes high-fidelity mock-up design artifacts such as screen captures of real-world websites, and generates functional websites similar to the input websites, which involves three steps: GUI element detection, classification, and code generation. First, image processing techniques are applied to detect atomic web GUI elements from a mock-up design artifact of a real-world website. Second, a Convolutional Neural Network (CNN) is trained to classify the extracted web GUI elements into their domain-specific types such as headings, paragraphs, images, etc. A Graphical User Interface (GUI) is typically represented in code as a hierarchical tree, with nested GUI elements bundled together within one another to construct a tree. A recursive algorithm is proposed that constructs the appropriate Document Object Model (DOM) hierarchy for a website by recursively grouping classified web GUI elements within each other. Finally, the constructed DOM is converted to the accurate native code. The approach was implemented as a tool called WebDraw. Design science research evaluation shows that WebDraw achieves an average of 90% web GUI element classification and generates website prototypes that are visually similar to the target website design mock-up artifact while producing functional GUI code. Furthermore, interviews with industry professionals illustrate WebDraw's industry relevance for improving their industrial web design and development workflows.

Effective website fingerprinting attack based on the first packet direction only

Tor is an anonymity protocol that utilizes multi-layers onion encryption to protect the privacy and anonymity of clients during crawling websites. However, Tor is vulnerable to website fingerprinting attacks in that the adversary analyzes the transferred traffic patterns passively and detects visited websites without decryption. The core of fingerprinting attacks depends on flow-based network information such as packet direction information that cannot be concealed using encryption. In the real world, the packet streams observed during a website fetch may be affected by network events like changes in download rate, queuing, retransmission, and packet loss. In this paper, we propose a correlation-based website fingerprinting attack based on only the packet direction information as a set of observations of random variables with an unknown probability distribution. In the proposed attack, instead of the whole of the traffic instances for each website, only the first fraction of transmitted packets are used for fingerprinting. The main focus of the proposed attack is on the preprocessing and classification parts and aims to evaluate the importance of direction information in website detection and mitigate the adverse effects of unpredicted network noises in attack performance. The preprocessing phase preprocesses background noises and unpredicted network events that a real-world adversary may confront. The CorrClassifier model is designed as a prototype of a classifier tailored to the attack conditions to calculate the similarity distance of observed traffic patterns to detect visited websites and reduce the complexity of the attack using a low-dimension correlation method. Preprocessing the noises before feeding them to the classifier helps the accuracy keep up more robustly while the polarity of the target website grows gradually because of the unexpected network conditions. Experiments in a closed-world setting indicate the effectiveness of the proposed method in detecting the targeted websites with 95% accuracy using only the first fraction of direction information.

Web Site Fingerprint Attack Generation Technology Combined with Genetic Algorithm

An anonymous network can be used to protect privacy and conceal the identities of both communication parties. A website fingerprinting attack identifies the target website for the data access by matching the pattern of the monitored data traffic, rendering the anonymous network ineffective. To defend against fingerprint attacks on anonymous networks, we propose a novel adversarial sample generation method based on genetic algorithms. We can generate effective adversarial samples with minimal cost by constructing an appropriate fitness function to select samples, allowing us to defend against several mainstream attack methods. The technique reduces the accuracy of a cutting-edge attack hardened with adversarial training from 90% to 20–30%. It also outperforms other defense methods of the same type in terms of information leakage rate.

Attacking DoH and ECH: Does Server Name Encryption Protect Users’ Privacy?

Privacy on the Internet has become a priority, and several efforts have been devoted to limit the leakage of personal information. Domain names, both in the TLS Client Hello and DNS traffic, are among the last pieces of information still visible to an observer in the network. The Encrypted Client Hello extension for TLS, DNS over HTTPS or over QUIC protocols aim to further increase network confidentiality by encrypting the domain names of the visited servers. In this article, we check whether an attacker able to passively observe the traffic of users could still recover the domain name of websites they visit even if names are encrypted. By relying on large-scale network traces, we show that simplistic features and off-the-shelf machine learning models are sufficient to achieve surprisingly high precision and recall when recovering encrypted domain names. We consider three attack scenarios, i.e., recovering the per-flow name, rebuilding the set of visited websites by a user, and checking which users visit a given target website. We next evaluate the efficacy of padding-based mitigation, finding that all three attacks are still effective, despite resources wasted with padding. We conclude that current proposals for domain encryption may produce a false sense of privacy, and more robust techniques should be envisioned to offer protection to end users.

Search engine manipulation to spread pro-Kremlin propaganda

The Kremlin’s use of bots and trolls to manipulate the recommendation algorithms of social media platforms is well-documented by many journalists and researchers. However pro-Kremlin manipulation of search engine algorithms has rarely been explored. We examine pro-Kremlin attempts to manipulate search engine results by comparing backlink and keyphrase networks of US, European, and Russian think tanks, as well as Kremlin-linked “pseudo” think tanks that target Western audiences. Our evidence suggests that pro-Kremlin pseudo-think tanks are being artificially boosted and co-amplified by a network of low-quality websites that generate millions of backlinks to these target websites. We find that Google’s search algorithm appears to be penalizing Russian and pseudo-think tank domains.

Toward practical defense against traffic analysis attacks on encrypted DNS traffic

The primary goal of the DNS-over-HTTPS (DoH) protocol is to address users’ privacy concerns regarding on-path adversaries, including local ISPs, who observe DNS traffic to learn web browsing activities even when the web traffic is not observable. To achieve this goal, in DoH protocol, DNS traffic between a DNS client and its local DNS resolver is channeled through an encrypted HTTPS tunnel. However, as shown in previous studies, adversaries can still infer users’ web browsing activities from encrypted DoH traffic through machine-learning-based traffic analysis (TA) attacks. These attacks rely on unencryptable features in the DNS footprint of a website, including query/response lengths and counts and delays between subsequent queries (timing), to identify which website is being visited. To defend against such TA attacks, existing DoH clients and resolvers pad DNS queries and responses with null bytes to specific block sizes before encrypting them, as recommended in RFC 8467. However, as shown by prior research and our current work, this padding alone is not effective in defeating TA attacks, and even with this padding, attackers can still achieve over 95% accuracy.In this paper, we propose a novel client-side obfuscation approach to defeat TA attacks on the DoH footprint of websites. Using a combination of (1) compression-aware padding, (2) fake query injection, and (3) random delaying of queries, our approach obfuscates query/response lengths, counts, and timings. Our approach does not require changes to existing protocols and is incrementally deployed on client machines as a local proxy. Using a robust classifier with a comprehensive set of over 150 features derived from recently proposed traffic analysis attacks on encrypted DNS traffic and experimenting with the Cloudflare and Google resolvers and 200 target websites, we show that while with the existing padding-only obfuscation, the TA attacker can achieve over 95.58% accuracy, our obfuscation algorithm can degrade this accuracy to below 9% with reasonable overhead.

Developing Intelligent Assistants to Search for Content on Websites of a Certain Genre

This paper discusses an approach to automatic generation of intelligent assistants, which provide information search on the content of a website. A feature of the approach is to use genre models, developed for a given type of resource (educational, informational, etc.), on the basis of which the genre structuring and subsequent thematic clustering of the content of the target website is performed. The resulting genre structures allow us to define more precisely the boundaries of thematic clusters related to the topic of the user’s search query. The search quality evaluation for the Russian-language websites showed an F-score of 87.8% and originality of 80.9%, which exceeds the Yandex search engine results by 1.1% and 9.1%, respectively. In order to predict user information needs, a method for refining the resulting sample is proposed. It allows a user to get information implicitly, based on current and previous queries, about what the user was not satisfied with in the previous search results. A model of user’s search intentions has been developed and its computational component includes a method for evaluating query closeness based on the FRiS function. Based on the proposed methods, a chatbot was created on the Telegram messenger platform to search the websites of educational institutions. The experiments showed that the user needs the average of 1.75 qualifying questions to find the necessary information.

Construction and validation model of necroptosis-related gene signature associates with immunity for osteosarcoma patients

Osteosarcoma is the most common malignant tumor in children and adolescents and its diagnosis and treatment still need to be improved. Necroptosis has been associated with many malignancies, but its significance in diagnosing and treating osteosarcoma remains unclear. The objective is to establish a predictive model of necroptosis-related genes (NRGs) in osteosarcoma for evaluating the tumor microenvironment and new targets for immunotherapy. In this study, we download the osteosarcoma data from the TARGET and GEO websites and the average muscle tissue data from GTEx. NRGs were screened by Cox regression analysis. We constructed a prediction model through nonnegative matrix factorization (NMF) clustering and the least absolute shrinkage and selection operator (LASSO) algorithm and verified it with a validation cohort. Kaplan–Meier survival time, ROC curve, tumor invasion microenvironment and CIBERSORT were assessed. In addition, we establish nomograms for clinical indicators and verify them by calibration evaluation. The underlying mechanism was explored through the functional enrichment analysis. Eight NRGs were screened for predictive model modeling. NRGs prediction model through NMF clustering and LASSO algorithm was established. The survival, ROC and tumor microenvironment scores showed significant statistical differences among subgroups (P < 0.05). The validation model further verifies it. By nomogram and calibration, we found that metastasis and risk score were independent risk factors for the poor prognosis of osteosarcoma. GO and KEGG analyses demonstrate that the genes of osteosarcoma cluster in inflammatory, apoptotic and necroptosis signaling pathways. The significant role of the correlation between necroptosis and immunity in promoting osteosarcoma may provide a novel insight into detecting molecular mechanisms and targeted therapy.

Task adaptive siamese neural networks for open-set recognition of encrypted network traffic with bidirectional dropout

• Create highly distinguishable similarity scores by a bidirectional dropout method. • Handle task adaptive open-set recognition by a non-parametric Bayesian based metric. • Improve the confidence of similarity scores by a hierarchical cross entropy loss. • Experiments demonstrate our method achieves high performance and generalizability . Existing deep learning approaches have achieved high performance in encrypted network traffic analysis tasks. However, practical requirements such as open-set recognition on dynamically changing tasks (e.g., changes in the target website list), challenge existing methods. While few-shot learning and open-set recognition methods have been proposed for domains such as computer vision , few-shot open-set recognition for encrypted network traffic remains an unexplored area. This paper proposes a task adaptive siamese neural network for open-set recognition of encrypted network traffic with bidirectional dropout data augmentation. Our contributions are three-fold: First, we introduce generated positive and negative pairs into the siamese neural network training process to shape a more precise similarity boundary through bidirectional dropout data augmentation. Second, we utilize Dirichlet Process Gaussian Mixture Model (DPGMM) distribution to fit the similarity scores of the negative pairs constructed by the support set of each query task, and create a new open-set recognition metric. Third, by leveraging the extracted features at coarse and fine granular levels , we construct a hierarchical cross entropy loss to improve the confidence of the similarity score. Extensive experiments on a network traffic dataset and the Omniglot dataset demonstrate the superiority and generalizability of our proposed approach.

Investigation of COVID-19 Vaccine Information Websites across Europe and Asia Using Automated Accessibility Protocols.

Websites content accessibility guidelines (WCAG) ensure that websites should be perceivable, understandable, navigable, and interactive. During the SARS-CoV-2 pandemic, the importance of accessible websites and online content grew throughout the world. Therefore, in this study, we examined COVID-19-related official government websites. This research covered 21 government websites, with 13 websites from European countries and 8 websites from Asian countries, to evaluate their accessibility following WCAG 2.0 and WCAG 2.1 guidelines. The overall goal of this study was to identify the frequent accessibility problems that might help the website owners to identify the shortcomings of their websites. The target websites were evaluated in two steps: in step-1, evaluation was performed through four automatic web accessibility testing tools such as Mauve++, Nibbler, WAVE, and WEB accessibility tools; in step-2, evaluation went through human observation, such as system usability testing and expert testing. The automatic evaluation results showed that few of the websites were accessible; a significant number of websites were not accessible for people with disabilities. In addition, system usability testing found some complexity in website organization, short explanations, and outdated information. The expert testing suggested improving the color of the websites, organization of links, buttons, and font size. This study might be helpful for associated authorities to improve the quality of the websites in the future.

A Hybrid parallel deep learning model for efficient intrusion detection based on metric learning

With the rapid development of network technology, a variety of new malicious attacks appear while attack methods are constantly updated. As the attackers exploit the vulnerabilities of popular third-party components to invade target websites, further improving the classification accuracy of malicious network traffic is the key to improving the performance of abnormal traffic detection. Existing intrusion detection systems may suffer from incomplete feature extraction and low classification accuracy. Thus, this paper proposes an efficient hybrid parallel deep learning model (HPM) for intrusion detection based on margin learning. First, HPM constructs two parallel CNN architectures and fuses the spatial features obtained through full convolution. Secondly, the temporal information of the fused features is parsed separately using two parallel LSTMs. Finally, the extracted spatial-temporal features are fed into the CosMargin classifier for classification detection after global convolution and global pooling. Besides, this paper proposes an improved traffic feature extraction method, which not only reduces redundant features but also speeds up the convergence speed of the network. In the experiment, our HPM has achieved 99% detection accuracy of each malicious class, ranging from 5%–10% improvement with other models, which demonstrates the superiority of our proposed model.

Virtual user geography of library websites

The author generalizes the results of library user survey. The survey was held within the framework of the study “Webometric monitoring of libraries”. The study goal was to assess the virtual geography of library website users and to specify target audience. The user audience of 11 library websites was assessed by following criteria: geographical data (user location, probable user residence area); user demographic data (sex, age); loyalty indicators (bounce rate, visit depth, visit duration); website user desired actions (estimation of desired action conversion). Based on the findings, the author concludes that: library offline services impact website user geography; there is a close interdependence between library location and website traffic; users resident in the library region make the most loyal website users; women prevail in the library user audience. The target website user audience is identified; recommendations are offered for the further strategic development in the web-space. The study conclusions and recommendations would facilitate generated demanded content and efficient promotion of library information resources and services in the web-space.

Jumpstarting the Justice Disciplines: A Computational-Qualitative Approach to Collecting and Analyzing Text and Image Data in Criminology and Criminal Justice Studies

Computational methods are increasingly popular in criminal justice research. As more criminal justice data becomes available in 'big' and other digital formats, new means of embracing the computational turn are needed. In this article, we propose a framework for data collection and case sampling using computational methods, allowing researchers to conduct thick qualitative research – analyses concerned with the particularities of a social context or phenomenon – starting from big data, which is typically associated with thinner quantitative methods and the pursuit of generalizable findings. The approach begins by using open-source web scraping algorithms to collect content from a target website, online database, or comparable online source. Next, researchers use computational techniques from the field of natural language processing to explore themes and patterns in the larger data set. Based on these initial explorations, researchers algorithmically generate a subset of data for in-depth qualitative analysis. In this computationally driven process of data collection and case sampling, the larger corpus and subset are never entirely divorced, a feature we argue has implications for traditional qualitative research techniques and tenets. To illustrate this approach, we collect, subset, and analyze three years of news releases from the Royal Canadian Mounted Police website (N = 13,637) using a mix of web scraping, natural language processing, and visual discourse analysis. To enhance the pedagogical value of our intervention and facilitate replication and secondary analysis, we make all data and code available online in the form of a detailed, step-by-step tutorial.

Sustaining accurate detection of phishing URLs using SDN and feature selection approaches

Phishing is an online fraud that deceives visitors by impersonating a legitimate website to steal their confidential or personal information. This is a well-known form of cybercrime. With the aim of detecting phishing sites, several phishing site detection techniques have recently been created. However, it fails to achieve the desired goal and has a large number of drawbacks, including low accuracy, long learning curve, and low-power embedded hardware. For covering such drawbacks, this work proposes an efficient URLs Phishing detection technique. Our technique depends on Software Defined Network (SDN) technology, clustering and feature method, and Conventional Neural Network (CNN) algorithm. Feature selection technique is based on Recursive Feature Elimination (RFE) with Support Vector Machine (SVM) algorithm. The SDN is used to transfer the URLs phishing detection process out of the user's hardware to the controller layer, continuously train on new data, and then send its outcomes to the SDN-Switches. RFE-SVM and CNN are used to increase accuracy of phishing detection. Therefore, the proposal model does not require retrieving the content of the target website or using any third-party services. It captures the information and sequential patterns of URL strings without requiring a prior knowledge about phishing, and then uses the sequential pattern features to quickly classify the actual URL. The experimental results showed that our proposal highlighted the robustness and accuracy in distinguishing between phishing and legitimate sites. Our suggestion achieves 99.5% phishing detection accuracy.

Automated Discovery of Network Cameras in Heterogeneous Web Pages

Reduction in the cost of Network Cameras along with a rise in connectivity enables entities all around the world to deploy vast arrays of camera networks. Network cameras offer real-time visual data that can be used for studying traffic patterns, emergency response, security, and other applications. Although many sources of Network Camera data are available, collecting the data remains difficult due to variations in programming interface and website structures. Previous solutions rely on manually parsing the target website, taking many hours to complete. We create a general and automated solution for aggregating Network Camera data spread across thousands of uniquely structured web pages. We analyze heterogeneous web page structures and identify common characteristics among 73 sample Network Camera websites (each website has multiple web pages). These characteristics are then used to build an automated camera discovery module that crawls and aggregates Network Camera data. Our system successfully extracts 57,364 Network Cameras from 237,257 unique web pages.

An Improved Multiple Features and Machine Learning-Based Approach for Detecting Clickbait News on Social Networks

The widespread usage of social media has led to the increasing popularity of online advertisements, which have been accompanied by a disturbing spread of clickbait headlines. Clickbait dissatisfies users because the article content does not match their expectation. Detecting clickbait posts in online social networks is an important task to fight this issue. Clickbait posts use phrases that are mainly posted to attract a user’s attention in order to click onto a specific fake link/website. That means clickbait headlines utilize misleading titles, which could carry hidden important information from the target website. It is very difficult to recognize these clickbait headlines manually. Therefore, there is a need for an intelligent method to detect clickbait and fake advertisements on social networks. Several machine learning methods have been applied for this detection purpose. However, the obtained performance (accuracy) only reached 87% and still needs to be improved. In addition, most of the existing studies were conducted on English headlines and contents. Few studies focused specifically on detecting clickbait headlines in Arabic. Therefore, this study constructed the first Arabic clickbait headline news dataset and presents an improved multiple feature-based approach for detecting clickbait news on social networks in Arabic language. The proposed approach includes three main phases: data collection, data preparation, and machine learning model training and testing phases. The collected dataset included 54,893 Arabic news items from Twitter (after pre-processing). Among these news items, 23,981 were clickbait news (43.69%) and 30,912 were legitimate news (56.31%). This dataset was pre-processed and then the most important features were selected using the ANOVA F-test. Several machine learning (ML) methods were then applied with hyper-parameter tuning methods to ensure finding the optimal settings. Finally, the ML models were evaluated, and the overall performance is reported in this paper. The experimental results show that the Support Vector Machine (SVM) with the top 10% of ANOVA F-test features (user-based features (UFs) and content-based features (CFs)) obtained the best performance and achieved 92.16% of detection accuracy.

Applying Implicit Association Test Techniques and Facial Expression Analyses in the Comparative Evaluation of Website User Experience.

This research project has the goal to verify whether the application of neuromarketing techniques, such as implicit association test (IAT) techniques and emotional facial expressions analyses may contribute to the assessment of user experience (UX) during and after website navigation. These techniques have been widely and positively applied in assessing customer experience (CX); however, little is known about their simultaneous application in the field of UX. As a specific context, the experience raised by different websites from two well-known automotive brands was compared. About 160 Italian university students were enrolled in an online experimental study. Participants performed a Brand Association Reaction Time Test (BARTT) version of the IAT where the two brands were compared according to different semantic dimensions already used in the automotive field. After completing the BARTT test, the participants navigated the target website: 80 participants navigated the first brand website, while the other half navigated the second brand website (between-subject design). During the first 3 min of website navigation, emotional facial expressions were recorded. The participants were asked to freely navigate the website home page, look for a car model and its characteristics and price, use the customising tool, and in the end, look for assistance. After the website navigation, all the participants performed, a second time, the BARTT version of the IAT, where the two brands were compared again, this time to assess whether the website navigation may impact the Implicit Associations previously detected. A traditional evaluation of the two websites was carried on by means of the classic heuristic evaluation. Findings from this study show, first of all, the significant results provided by neuromarketing techniques in the field of UX, as IAT can provide a positive application for assessing UX played by brand websites, thanks to the comparison of eventual changes in time reaction between the test performed before and after website navigation exposure. Secondly, results from emotional facial expression analyses during the navigation of both brand websites showed significant differences between the two brands, allowing the researchers to predict the emotional impact raised by each website. Finally, the positive correlation with heuristic evaluation shows that neuromarketing can be successfully applied in UX.

Few-shot website fingerprinting attack

Website fingerprinting (WF) attack stands opposite against privacy protection in using the Internet, even when the content details are encrypted, such as Tor networks. Whilst existing difficulty in the preparation of many training samples, we study a more realistic problem — few-shot website fingerprinting attack where only a few training samples per website are available. We introduce a novel Transfer Learning Fingerprinting Attack (TLFA) that can transfer knowledge from the labeled training data of websites disjoint and independent to the target websites. Specifically, TLFA trains a stronger embedding model with the training data collected from non-target websites, which is then leveraged in a task-agnostic manner with a task-specific classifier model fine-tuned on a small set of labeled training data from target websites. We conduct expensive experiments to validate the superiority of our TLFA over the state-of-the-art methods in both closed-world and open-world attacking scenarios, at the absence and presence of strong defense.

Discourse and Identity in the Digital World: Mansoura University Website as a Model

Digital Discourse is concerned with the manipulation of multi-modal and multi-semiotic resources which are investigated to characterize identities and ideologies in a digital world that is said to be a part of a whole society, as claimed by Gee (2005). A digital text is a type of human communication that can be described as multimodal by incorporating writing, images, sounds and other semiotic systems. In the last three decades, people have become more attracted to say so many things about themselves and their activities through digital media. However, attempts to give a comprehensive image of a college or university are limited. The present study aims to signify how a digital text can reflect ideologies and realities about the social and academic life of Mansoura University, located in Mansoura city, the capital of Dakahlia Governorate on the east bank of the Nile in Egypt. The data employed as the basis of the analysis in this study is extracted from large database of announcements, texts and images displayed on Mansoura University website in 2020 (following the widespread transmission of Covid-19). The study proposes a multidisciplinary analysis of Mansoura University website, following Darvin (2016) and Petroni (2019). Mansoura University website is said to be an attempt by a collective institution to establish an image of itself on the internet. The digitized discourse is designed to provide a collective image that replicates the identity of Mansoura University and highlights its position (inter)nationally. Dealing with the information displayed on the target website as a type of commodity that possesses multiple traits and, at the same time, reflects issues of identity and reputation building, the study concludes that the analysis of the digital discourse has assigned Mansoura University a type of identity that can be described as a Commodified Identity.