Exploiting the Capabilities of Classifiers to Examine a Website Defacement Data Set

Authors

  • Elrasheed Ismail Mohommoud Zayid, University of Bisha
  • Ibrahim Isah, College of Science and Technology
  • Nadir Abdelrahman Ahmed Farah, University of Bisha
  • Yagoub Abbker Adam, Jazan University
  • Omar Abdullah Omar Alshehri, University of Bisha

DOI:

https://doi.org/10.59992/IJCI.2024.v3n3p1

Keywords:

Website Defacement, Website Defacement Assessment, Classification Metrics, Website Hacktivism, Cyber Risks, Predict Cyber Threats

Abstract

Website defacement is the illegal electronic act of changing a website. In this paper, the capabilities of robust machine learning classifiers are exploited to select the best input feature set for evaluating a website’s defacement risk. A defacement mining data set was obtained from Zone-H, a private organization, and a sample consisting of 93,644 data points was pre-processed and used for modelling purposes. Using multi-dimensional features as input, extensive modelling computations were carried out to determine the optimal outputs in terms of performance. Reason and hackmode presented the highest contributions for the evaluation of website defacement, and were thus chosen as outputs. Various machine learning models were examined, and decision tree (DT), k-nearest neighbours (k-NN), and random forest (RF) were found to be the most powerful algorithms for prediction of the target model. The input variables 'domain', 'system', 'web_server', 'redefacement', 'type', 'def_grade', and 'reason/hackmode' were tested and used to shape the final model. Using the cross-validation (CV) technique, the key performance factors of the models were calculated and reported. After calculating the average scores for the hyperparameter metrics (i.e., max-depth, min-sample-leaf, weight, max-features, and CV), both targets were evaluated, and the learning algorithms were ranked as RF > DT > k-NN. The reason and hackmode variables were thoroughly analysed, and the average score accuracies for the reason and hackmode targets were 0.85 and 0.585, respectively. The results constitute a significant development in terms of modelling and optimizing website defacement risk. This study successfully addresses key cybersecurity concerns, particularly website defacement.

Author Biographies

  • Elrasheed Ismail Mohommoud Zayid, University of Bisha

    Dept. of Information Systems, College of Science & Arts-Alnamas, University of Bisha, Saudi Arabia

    https://orcid.org/0000-0003-2375-6911

  • Ibrahim Isah, College of Science and Technology

    Dept. of Science and Lab. Technology, College of Science and Technology, Jigawa State Polytechnic Dutse, Nigeria

  • Nadir Abdelrahman Ahmed Farah, University of Bisha

    Dept. of Information Systems, College of Science & Arts-Alnamas, University of Bisha, Saudi Arabia

  • Yagoub Abbker Adam, Jazan University

    Dept. of Computer Science, College of Computer Science and Information Tech., Jazan University, Saudi Arabia

  • Omar Abdullah Omar Alshehri, University of Bisha

    Educational Technology Dept., College of Education, University of Bisha, Saudi Arabia

Published

2024-03-15

Section

Articles

How to Cite

Elrasheed Ismail Mohommoud Zayid, Ibrahim Isah, Nadir Abdelrahman Ahmed Farah, Yagoub Abbker Adam, & Omar Abdullah Omar Alshehri. (2024). Exploiting the Capabilities of Classifiers to Examine a Website Defacement Data Set. International Journal of Computers and Informatics, 3(3). https://doi.org/10.59992/IJCI.2024.v3n3p1