Defending against Malicious Websites: Themed Threats, Detection, and Law-Enforcement

dc.contributor.advisorSandhu, Ravi
dc.contributor.advisorXu, Shouhuai
dc.contributor.authorPritom, Mir Mehedi Ahsan
dc.contributor.committeeMemberWhite, Gregory B.
dc.contributor.committeeMemberWang, Xiaoyin
dc.contributor.committeeMemberXie, Mimi
dc.creator.orcidhttps://orcid.org/0000-0002-1260-1829
dc.date.accessioned2024-02-12T19:51:19Z
dc.date.available2024-02-12T19:51:19Z
dc.date.issued2022
dc.descriptionThis item is available only to currently enrolled UTSA students, faculty or staff. To download, navigate to Log In in the top right-hand corner of this screen, then select Log in with my UTSA ID.
dc.description.abstractMalicious websites have become a main cyber threat. Despite the substantial effort made by researchers and practitioners, some fundamental problems regarding effective defenses against these attacks remain open, such as: What are the emerging trends of malicious websites? How should we cope with the new trends? What do we need to do to help law-enforcement deal with them? This dissertation addresses these problems by making three contributions. The first contribution is to characterize emerging threats of themed malicious websites, which represent one trend as evidenced by the many malicious websites exploiting the COVID incident. The characterization offers a deep understanding of the attacks, which leads to the second contribution, namely the investigation of how to detect the emerging themed malicious websites exploiting the COVID-19 incident. While the preceding two contributions are from a purely technological point of view, the third contribution investigates the gap between technology and law-enforcement with respect to malicious websites. Understanding and addressing the gap is essential because we anticipate that the law-enforcement eventually needs to be involved in dealing with malicious websites, if not already. For this purpose, we focus on investigating how to support the law-enforcement dealing with blacklisted websites while highlighting two important factors: one is the trustworthiness of Machine Learning methods in predicting malicious websites, which is important because blacklists are not perfect; and the other is how to interpret or explain the individual predictions (possibly in the court), which existing black-box ML models can not provide. The resulting methodology could be leveraged to cope with malicious websites towards ultimately eliminating, or at least adequately mitigating, them. Finally, we present case studies with real-world datasets to show the usability and efficacy of the proposed methods.
dc.description.departmentComputer Science
dc.format.extent113 pages
dc.format.mimetypeapplication/pdf
dc.identifier.isbn9798841760672
dc.identifier.urihttps://hdl.handle.net/20.500.12588/5131
dc.languageen
dc.subjectblacklist law enforcement
dc.subjectMalicious website
dc.subjectMalicious website detection
dc.subjectThemed attack characterization
dc.subjectThemed Malicious Website
dc.subjectwebsite law enforcement
dc.subject.classificationComputer science
dc.titleDefending against Malicious Websites: Themed Threats, Detection, and Law-Enforcement
dc.typeThesis
dc.type.dcmiText
dcterms.accessRightspq_closed
thesis.degree.departmentComputer Science
thesis.degree.grantorUniversity of Texas at San Antonio
thesis.degree.levelDoctoral
thesis.degree.nameDoctor of Philosophy

Files

Original bundle

Now showing 1 - 1 of 1
No Thumbnail Available
Name:
Pritom_utsa_1283D_13686.pdf
Size:
1.69 MB
Format:
Adobe Portable Document Format