Tampere University of Technology

TUTCRIS Research Portal

Malware distributions and graph structure of the Web

Research output: Working paperProfessional


Original languageEnglish
Number of pages15
Publication statusPublished - 19 Jul 2017
Publication typeNot Eligible


Knowledge about the graph structure of the Web is important for understanding this complex socio-technical system and for devising proper policies supporting its future development. Knowledge about the differences between clean and malicious parts of the Web is important for understanding potential treats to its users and for devising protection mechanisms. In this study, we conduct data science methods on a large crawl of surface and deep Web pages with the aim to increase such knowledge. To accomplish this, we answer the following questions. Which theoretical distributions explain important local characteristics and network properties of websites? How are these characteristics and properties different between clean and malicious (malware-affected) websites? What is the prediction power of local characteristics and network properties to classify malware websites? To the best of our knowledge, this is the first large-scale study describing the differences in global properties between malicious and clean parts of the Web. In other words, our work is building on and bridging the gap between Web science that tackles large-scale graph representations and Web cyber security that is concerned with malicious activities on the Web. The results presented herein can also help antivirus vendors in devising approaches to improve their detection algorithms.


  • cs.SI

Field of science, Statistics Finland

Downloads statistics

No data available