Litcius/Paper detail

Supporting Law-Enforcement to Cope with Blacklisted Websites: Framework and Case Study

Mir Mehedi Ahsan Pritom, Shouhuai Xu

202210 citationsDOI

Abstract

Cyber attackers have long abused web domains and URLs to carry out various attacks such as Phishing, web scamming, and malware attacks. In order to defend against these attacks, URL blacklisting has been widely used. However, this approach has significant weaknesses, especially from a law-enforcement point of view. In particular, the law-enforcement does not know what to do with a blacklist because it is unclear what needs to be done (e.g., shutting down a host or domain) due to the subtleties associated with the problem. In order to help the law-enforcement in dealing with blacklisted URLs, we propose a novel framework based on Machine Learning (ML) while providing the law-enforcement with probabilistic classification and interpretability of the predictions made by the interpretable model. Our probabilistic classification and interpretability measures provide a basis for law-enforcement trustworthy decision-making and remove the black-box nature of traditional ML-based approaches. Experimental results show that the framework is practical and has further potential to tackle website maliciousness.

Topics & Concepts

BlacklistingBlacklistMalwareComputer scienceLaw enforcementComputer securityPhishingInterpretabilityEnforcementOrder (exchange)Internet privacyThe InternetWorld Wide WebLawArtificial intelligencePolitical scienceBusinessFinanceSpam and Phishing DetectionAdvanced Malware Detection TechniquesNetwork Security and Intrusion Detection