| The development of the Internet has promoted the rise of the Internet advertising. Today when browsing the web, we can see advertisement everywhere. Advertising is a major source of revenue for many companies, at the same time to become the carrier of hacker attacks, typically ads attack including fishing, cross-site, driver downloads, etc. Malicious ads attacking not only brought great economic losses to Internet users, but also brought a lot of negative effects to sites and AD networks. With this problem more and more serious, finding an efficient malicious ads detection scheme becomes very urgent.There are a lot of research for the detection of malicious ads attacking at home and abroad, one of the most typically scheme is from the angle of the advertising network. By identifying AD networks achieves the purpose of detecting the source of malicious ad nodes. Other solutions are mainly from the specific type of attack, such as cross-site, fishing, driver download ect. Malicious ads attack has many kinds of characteristics which mainly including short time, quick change, various ways. Detecting advertising nodes can efficiently find the source of malicious ads, but this way is not apply for website owners or attacks launched by the third-party. The dilemma also encountered by fishing advertising detection or cross-site advertising. In summary, these schemes are not very ideal. This paper proposes a malicious ads detection scheme based on the client, which is realized by comparing the advantages and disadvantages of current research. The scheme mainly contains URL filtering module, Request module, Combined detection module, Log analysis module etc. URL extraction module is achieved by the improvement of Nutch framework, which is used for extracting URL related to advertising. Request module is to simulate the client’s request, this module works with filter module. Combined filter module consists of a Phishing detection library and HTTP detection engine, which is the core of this scheme. Log analysis module is mainly to analyze detection log. The last part of this article is to verify detection scheme, which proved that this method can effectively detect the malicious advertising information on the website. |
PDF Full Text Request