A Risk-Scoring Feedback Model for Webpages and Web Users Based on Browsing Behavior

It has been claimed that many security breaches are often caused by vulnerable (naïve) employees within the organization [Ponemon Institute LLC 2015a]. Thus, the weakest link in security is often not the technology itself but rather the people who use it [Schneier 2003]. In this article, we propose...

Full description

Saved in:
Bibliographic Details
Published in:ACM transactions on intelligent systems and technology 2017-07, Vol.8 (4), p.1-21
Main Authors: Neria, Michal Ben, Yacovzada, Nancy-Sarah, Ben-Gal, Irad
Format: Article
Language:English
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:It has been claimed that many security breaches are often caused by vulnerable (naïve) employees within the organization [Ponemon Institute LLC 2015a]. Thus, the weakest link in security is often not the technology itself but rather the people who use it [Schneier 2003]. In this article, we propose a machine learning scheme for detecting risky webpages and risky browsing behavior, performed by naïve users in the organization. The scheme analyzes the interaction between two modules: one represents naïve users, while the other represents risky webpages. It implements a feedback loop between these modules such that if a webpage is exposed to a lot of traffic from risky users, its “risk score” increases, while in a similar manner, as the user is exposed to risky webpages (with a high “risk score”), his own “risk score” increases. The proposed scheme is tested on a real-world dataset of HTTP logs provided by a large American toolbar company. The results suggest that a feedback learning process involving webpages and users can improve the scoring accuracy and lead to the detection of unknown malicious webpages.
ISSN:2157-6904
2157-6912
DOI:10.1145/2928274