Skip to content

qcri/compromised

main
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
1 branch 0 tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
attacker_owned_compromised_classifier
 
 
cleaned_data
 
 
public_private_classifier
 
 
README.md
 
 

README.md

Compromised vs. Attack Domains

This is the code repository for the USENIX Security 2021 paper "Compromised or Attacker-Owned: A Large Scale Classification and Study of Hosting Domains of Malicious URLs".

The key problem we solve in this work is that given a malicious URL:

  • Can we identify if it is hosted on a public or private apex?
  • Can we identify if it is a compromised website or an attacker owned website?

The repository contains two key classifiers we build.

  • Public-Private Classifier
  • Compromised-Attacker Owned Classifier
@inproceedings {desilva21,
  title = {Compromised or Attacker-Owned: A Large Scale Classification and Study of Hosting Domains of Malicious URLs},
  author = {Ravindu De Silva and Mohamed Nabeel and Charitha Elvitigala and Issa Khalil and Ting Yu and Chamath Keppitiyagama},
  booktitle = {30th {USENIX} Security Symposium ({USENIX} Security 21)},
  year = {2021},
  url = {https://www.usenix.org/conference/usenixsecurity21/presentation/desilva},
  publisher = {{USENIX} Association},
  month = aug,
}

About

Detecting Compromised and Attack domains

Resources

Readme

Stars

1 star

Watchers

4 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages