Research predicts websites likely to be infected with malware
Research conducted by Kyle Soska and Nicolas Christin of Carnegie Mellon University proves that with some degree of accuracy, they can predict which websites will be successfully infected with malware.
“Our approach relies on an online classification algorithm that can automatically detect whether a server is likely to become malicious,” the researchers stated.
Their research uses an algorithm that analyzed websites before they were infected and after they were infected.
“we use machine-learning tools to attempt to detect websites that have not been compromised yet, but
that are likely to become malicious in the future, over a reasonably long horizon (approximately one year)” they stated in their research paper.
Whether or not their predictions come true, it could be used to alert website owners before their website becomes infected with malware.
Many website owners are more reactive – they often don’t consider website security until after they’ve been infected. However, with this research, they could be warned ahead of time and take corrective action before their website and their business becomes victimized by website malware.
“Our goal is to build a classifier which can predict with high certainty if a given website will become malicious in the future.”
“At a high level, the classifier determines if a given website shares a set of features with websites known to have been malicious. A key aspect of our approach is that the feature list used to make this determination is automatically extracted from a training set of malicious and benign webpages, and is updated over time, as threats evolve.”
Could this actually help?
Only time will tell, but it does present some interesting ideas.