An Efficient Filtering Method for Detecting Malicous Web Pages

There are ways to detect malicious web pages, two of which are dynamic detection and static detection. Dynamic detection has a high detection rate but uses a high amount of resources and takes a long time, whereas static analysis only uses a small amount of resources but its detection rate is low. To minimize the weaknesses of these two methods, a filtering method was suggested. This method uses static analysis first to filter normal web pages and then uses dynamic analysis to test only the remaining suspicious web pages. In this filtering method, if a page is classified as normal at the filtering stage, it is not being tested any more. However, the existing filtering method does not consider this problem. In this paper, to solve this problem, our proposed filtering method utilizes a cost-sensitive method. Also, to increase the efficiency of the filter, features are grouped as three subsets depending on the difficulty of the extraction. The efficiency of the proposed filter can be increased, as our method only uses the necessary feature subset according to the characteristics of the web pages. An experiment showed that the proposed method shows fewer false negatives and greater efficiency than an existing filtering method.