Analysis of third-party request structures to detect fraudulent websites

作者:

Highlights:

• A method for generalized fraudulent website detection

• Fraud cue features use third-party request structure.

• Robust prediction results across many machine learning methods

摘要

Third-party websites or applications are the key entities in the web eco-system that enable websites to function and offer services. Almost every organization today uses dozens of websites and sub-domains. Each provides essential functions and typically uses dozens of third-parties to produce its capabilities. With the growing problem of illegitimate websites, such as those peddling fake news and selling counterfeit products, the detection of fraudulent websites becomes more and more crucial. While the conventional method of fraudulent website detection mostly relies on the content-based analysis of websites, the method of this study uses third-party request structure features and attributes of third-parties engaged in the structure to predict legitimate and fraudulent websites. This method can be used on a real-time basis to complement current detection methods. Moreover, our approach is not limited to a specific category of websites. In other words, unlike previous studies, our approach is able to increase the likelihood of detecting all kinds of fake and fraudulent websites. The results of this study are largely robust across different predictive models.

论文关键词:Fraudulent website detection,Third-party,Prediction,Machine learning

论文评审过程:Received 31 March 2021, Revised 1 October 2021, Accepted 16 November 2021, Available online 20 November 2021, Version of Record 24 January 2022.

论文官网地址:https://doi.org/10.1016/j.dss.2021.113698