Saved in:
Bibliographic Details
Main Authors: Chiba, Daiki, Nakano, Hiroki, Koide, Takashi
Format: Preprint
Published: 2024
Subjects:
Online Access:https://arxiv.org/abs/2410.02097
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866915163569913856
author Chiba, Daiki
Nakano, Hiroki
Koide, Takashi
author_facet Chiba, Daiki
Nakano, Hiroki
Koide, Takashi
contents In cybersecurity, allow lists play a crucial role in distinguishing safe websites from potential threats. Conventional methods for compiling allow lists, focusing heavily on website popularity, often overlook infrequently visited legitimate domains. This paper introduces DomainHarvester, a system aimed at generating allow lists that include trustworthy yet infrequently visited domains. By adopting an innovative bottom-up methodology that leverages the web's hyperlink structure, DomainHarvester identifies legitimate yet underrepresented domains. The system uses seed URLs to gather domain names, employing machine learning with a Transformer-based approach to assess their trustworthiness. DomainHarvester has developed two distinct allow lists: one with a global focus and another emphasizing local relevance. Compared to six existing top lists, DomainHarvester's allow lists show minimal overlaps, 4\% globally and 0.1\% locally, while significantly reducing the risk of including malicious domains, thereby enhancing security. The contributions of this research are substantial, illuminating the overlooked aspect of trustworthy yet underrepresented domains and introducing DomainHarvester, a system that goes beyond traditional popularity-based metrics. Our methodology enhances the inclusivity and precision of allow lists, offering significant advantages to users and businesses worldwide, especially in non-English speaking regions.
format Preprint
id arxiv_https___arxiv_org_abs_2410_02097
institution arXiv
publishDate 2024
record_format arxiv
spellingShingle DomainHarvester: Harvesting Infrequently Visited Yet Trustworthy Domain Names
Chiba, Daiki
Nakano, Hiroki
Koide, Takashi
Cryptography and Security
In cybersecurity, allow lists play a crucial role in distinguishing safe websites from potential threats. Conventional methods for compiling allow lists, focusing heavily on website popularity, often overlook infrequently visited legitimate domains. This paper introduces DomainHarvester, a system aimed at generating allow lists that include trustworthy yet infrequently visited domains. By adopting an innovative bottom-up methodology that leverages the web's hyperlink structure, DomainHarvester identifies legitimate yet underrepresented domains. The system uses seed URLs to gather domain names, employing machine learning with a Transformer-based approach to assess their trustworthiness. DomainHarvester has developed two distinct allow lists: one with a global focus and another emphasizing local relevance. Compared to six existing top lists, DomainHarvester's allow lists show minimal overlaps, 4\% globally and 0.1\% locally, while significantly reducing the risk of including malicious domains, thereby enhancing security. The contributions of this research are substantial, illuminating the overlooked aspect of trustworthy yet underrepresented domains and introducing DomainHarvester, a system that goes beyond traditional popularity-based metrics. Our methodology enhances the inclusivity and precision of allow lists, offering significant advantages to users and businesses worldwide, especially in non-English speaking regions.
title DomainHarvester: Harvesting Infrequently Visited Yet Trustworthy Domain Names
topic Cryptography and Security
url https://arxiv.org/abs/2410.02097