Compromised vs. Attack Domains: Building Machine Learning Models to Identify Malicious Hosting Types

Note: This write up is based on our USENIX Security 2021 paper on detecting compromised vs. attack domains. [paper]

Malicious websites come in all sizes and shapes. Every day millions of users are tricked to access malicious websites crafted by Internet miscreants. They either impersonate a popular website (e.g. PayPal, Apple, Facebook) or trick you to download/install malware.