A risk-scoring feedback model for webpages and web users based on browsing behavior

Michal Ben Neria, Nancy Sarah Yacovzada, Irad Ben-Gal

Research output: Contribution to journalArticlepeer-review

10 Scopus citations


It has been claimed thatmany security breaches are often caused by vulnerable (näive) employees within the organization [Ponemon Institute LLC 2015a]. Thus, the weakest link in security is often not the technology itself but rather the people who use it [Schneier 2003]. In this article, we propose a machine learning scheme for detecting risky webpages and risky browsing behavior, performed by näive users in the organization. The scheme analyzes the interaction between two modules: one represents näive users, while the other represents risky webpages. It implements a feedback loop between these modules such that if a webpage is exposed to a lot of traffic from risky users, its "risk score" increases, while in a similar manner, as the user is exposed to risky webpages (with a high "risk score"), his own "risk score" increases. The proposed scheme is tested on a real-world dataset of HTTP logs provided by a large American toolbar company. The results suggest that a feedback learning process involving webpages and users can improve the scoring accuracy and lead to the detection of unknown malicious webpages.

Original languageEnglish
Article number2928274
JournalACM Transactions on Intelligent Systems and Technology
Issue number4
StatePublished - May 2017
Externally publishedYes


  • Link-based ranking algorithms
  • Machine learning
  • Malware detection
  • Naïve user behavior
  • Spectral clustering


Dive into the research topics of 'A risk-scoring feedback model for webpages and web users based on browsing behavior'. Together they form a unique fingerprint.

Cite this