Malware distributions and graph structure of the Web

Sanja Scepanovic, Igor Mishkovski, Jukka Ruohonen, Frederick Ayala-Gómez, Tuomas Aura, Sami Hyrynsalmi

Research output: Contribution to journalArticleScientific


Knowledge about the graph structure of the Web is important for understanding this complex socio-technical system and for devising proper policies supporting its future development. Knowledge about the differences between clean
and malicious parts of the Web is important for understanding potential treats to its users and for devising protection mechanisms. In this study, we conduct data science methods on a large crawl of surface and deep Web pages with
the aim to increase such knowledge. To accomplish this, we answer the following questions. Which theoretical distributions explain important local characteristics and network properties of websites? How are these characteristics and properties different between clean and malicious (malware-affected) websites? What is the prediction power of local characteristics and network properties to classify malware websites? To the best of our knowledge, this is the first large-scale study describing the differences in global properties between malicious and clean parts of the Web. In other words, our work is building on and bridging the gap between Web science that tackles large-scale graph representations and Web cyber security that is concerned with malicious activities on the Web. The results presented herein can also help antivirus vendors in devising approaches to improve their detection algorithms.
Original languageEnglish
Publication statusPublished - 2017
MoE publication typeB1 Article in a scientific magazine


Dive into the research topics of 'Malware distributions and graph structure of the Web'. Together they form a unique fingerprint.

Cite this