cybercampus-se/Rahila_Thesis_Pentesting_Swedish_Apps

Research Title

Delete below from your repo

Create your thesis repository by importing our thesis template

This documentation helps you create a repo that follows a common template for all thesis projects. If you have suggestions, create a new issue or pull request. Before making such a request, please do not add additional info to the homepage of your repository.

To use this repository as a template for your project, create your repository and select this repo as the template. The current name of the template repo is thesis-template.

Do not delete below from your repo

Team

Timeline

  • Status: running 🟢 (or pending 🟡, completed 🟠)
  • Started: 2029-12
  • Ended: 2030-05

Abstract

The prevalence and continually evolving technical sophistication of Exploit Kits (EKs) is one of the most challenging shifts in the modern cybercrime landscape. Over the last few years, malware infection via drive-by download attacks has been orchestrated with EK infrastructures. An EK serves various types of malicious content via several threat vectors for a variety of criminal attempts, which are mostly monetary-centric. In this research, an in-depth discussion of the EK philosophy and internals is provided. A content analysis is introduced for the EK families where special context-aware properties are identified. A key observation is that while the webpage contents differ drastically between distinct intrusions executed through the same EK, the patterns in URL addresses stay similar. This is because URLs auto-generated by EK platforms follow specific templates. This paper proposes a new lightweight technique to quickly categorize unknown EK families with high accuracy, leveraging machine learning algorithms with novel URL features. Rather than analyzing each URL individually, the proposed overall URL patterns approach examines all URLs associated with an EK infection. The method has been evaluated with a popular and publicly available dataset that contains 240 different real-world infection cases involving over 2250 URLs, the incidents being linked with the 4 major EK flavors that occurred throughout the year 2016. In the experiments, the system achieves up to 93.7% clustering accuracy and up to 100% classification accuracy with the estimators tested.

Illustration

Research Illustration

Video recording

Only embed the YouTube URL published from our account. Shoot a video (without video, but feel free to use colorful mouse pointers) showing how your tool works, how you exploit a vulnerability, etc. It is fine to record only your desktop.



This project is run by the Royal Hacking Lab within Cybercampus Sverige.
