Automated malicious advertisement detection using VirusTotal, URLVoid, and TrendMicro

Rima Masri, Zayed University
Monther Aldwairi, Zayed University

Document Type

Conference Proceeding

Source of Publication

2017 8th International Conference on Information and Communication Systems, ICICS 2017

Publication Date

5-8-2017

Abstract

© 2017 IEEE. The Internet economy is based on free access to content in exchange of viewing advertisements that might lead to online purchases. Advertisements represent an important source of revenue to Advertising companies. Those companies employ every possible technique and trick to maximize clicks and visits to advertisers' websites. Modern websites exchange advertisement contents from ads' providers (such as Google AdSense), which means they do not control the contents of those advertisements. Although large providers such as Google and Yahoo! are supposed to be trustworthy, ad arbitration allows them to auction of those ad slots to other providers. Therefore, web administrators cannot guarantee the source of the ads on their delegated website areas. Those advertisements contain Javascript and may redirect to malicious websites which might lead to malicious code being executed or malware being installed. This paper proposes and implements a system for automatically detecting malicious advertisements. It employs three different online malware domain detections systems (VirusTotal, URLVoid, and TrendMicro) for malicious advertisements detection purposes and reports the number of detected malicious advertisements using each system. In addition, we study the efficiency of each system by calculating the confusion matrix and accuracy. We find that URLVoid is the best in terms of accuracy (73%) because it uses a combination of well known website scanners and domain blacklists.

ISBN

9781509042432

Publisher

Institute of Electrical and Electronics Engineers Inc.

First Page

336

Last Page

341

Disciplines

Business | Computer Sciences

Keywords

malicious advertisements, malicious websites, Malvertisements, VirusTotal

Scopus ID

85020177756

Indexed in Scopus

yes

Open Access

no

Link to Full Text

Share

COinS