Analysis of third-party request structures to detect fraudulent websites

摘要

Third-party websites or applications are the key entities in the web eco-system that enable websites to function and offer services. Almost every organization today uses dozens of websites and sub-domains. Each provides essential functions and typically uses dozens of third-parties to produce its capabilities. With the growing problem of illegitimate websites, such as those peddling fake news and selling counterfeit products, the detection of fraudulent websites becomes more and more crucial. While the conventional method of fraudulent website detection mostly relies on the content-based analysis of websites, the method of this study uses third-party request structure features and attributes of third-parties engaged in the structure to predict legitimate and fraudulent websites. This method can be used on a real-time basis to complement current detection methods. Moreover, our approach is not limited to a specific category of websites. In other words, unlike previous studies, our approach is able to increase the likelihood of detecting all kinds of fake and fraudulent websites. The results of this study are largely robust across different predictive models.