Rami Al-Salman scite author profile

Rami Al-Salman

4Publications

20Citation Statements Received

37Citation Statements Given

How they've been cited

How they cite others

Affiliations

Jordan University of Science and Technology

Publications

Order By: Most citations

Analysis and Identification of Malicious JavaScript Code

Fraiwan

Al-Salman

Khasawneh

et al. 2012

Information Security Journal: A Global Perspective

View full text Add to dashboard Cite

Malicious JavaScript code has been actively and recently utilized as a vehicle for Web-based security attacks. By exploiting vulnerabilities such as cross-site scripting (XSS), attackers are able to spread worms, conduct Phishing attacks, and do Web page redirection to "typically" porn Web sites. These attacks can be preemptively prevented if the malicious code is detected before executing. Based on the fact that a malignant code will exhibit certain features, we propose a novel classification-based detection approach that will identify Web pages containing infected code. Using datasets of trusted and malicious Web sites, we analyze the behavior and properties of JavaScript code to point out its key features. These features form the basis of our identification system and are used to properly train the various classifiers on malicious and benign data. Performance evaluation results show that our approach achieves a 95% or higher detection accuracy, with very small (less than 3%) false positive and false negative ratios. Our solution surpasses the performance of the comparable literature.

show abstract

MALURLs: Malicious URLs Classification System

Aldwairi

Al-Salman

2011

View full text Add to dashboard Cite

MALURLS: A Lightweight Malicious Website Classification Based on URL Features

Aldwairi

Al-Salman

2012

JETWI

View full text Add to dashboard Cite

Surfing the World Wide Web (WWW) is becoming a dangerous everyday task with the Web becoming rich in all sorts of attacks. Websites are a major source of many scams, phishing attacks, identity theft, SPAM commerce and malwares. However, browsers, blacklists and popup blockers are not enough to protect users. That requires fast and accurate systems with the ability to detect new malicious content. We propose a lightweight system to detect malicious websites online based on URL lexical and host features and call it MALURLs. The system relies on Naïve Bayes classifier as a probabilistic model to detect if the target website is a malicious or benign. It introduces new features and employs self learning using Genetic Algorithm to improve the classification speed and precision. A small dataset is collected and expanded through GA mutations to learn the system over short time and with low memory usage. A completely independent testing dataset is automatically gathered and verified using different trusted web sources. They algorithm achieves an average precision of 87%.

show abstract

A Generic Framework for Collecting and Mining Client Paradata for Web Applications

Khasawneh¹,

Al-Salman²,

Al-Hammouri³

et al. 2012

JETWI

View full text Add to dashboard Cite

In this paper, we propose a general framework to track and collect user interactions with dynamic webpages. Using the AJAX, PHP, and MySQL technologies, we implement and realize the client-side-scripting framework to collect client paradata in a seamlessly manner. Being stored in a persistent storage at the server, the data were then structured and analyzed to understand the user behavior. We exploited the framework by applying it to two online systems: E-Survey and E-Commerce web applications. In the E-Survey system, we collected student interactions while filling in an online feedback form. We then used the collected data to model the user behavior. With the resultant model, we can infer whether a student is mindful and conscious while answering the feedback questions. In the E-Commerce system, we collected user interactions with a products page. Using a generated classifier, we can predict a user selection based on his or her navigation pattern on the page.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Rami Al-Salman

Analysis and Identification of Malicious JavaScript Code

MALURLs: Malicious URLs Classification System

MALURLS: A Lightweight Malicious Website Classification Based on URL Features

A Generic Framework for Collecting and Mining Client Paradata for Web Applications

Contact Info

Product

Resources

About