Malicious Website Detection for Network Security OEMs

With our malicious URL dataset, threats and exploits are detected at the domain, full-path, or page-level. This includes malware, phishing, fraud, botnets, and spyware. zvelo analyzes billions of URLs and ad impressions daily by combining static analysis, behavioral analysis, 3rd party industry feeds, and human-supervised machine learning to deliver the most extensive malicious website detection.

An integrative multi-vector approach using in-house analysis is used by zvelo that combines the following methods:

The zveloLABS team continuously samples malicious detections to profile, test and validate malicious detections. These results are then used to feed/train the supervised Machine Learning systems and adjust or tune the efficiency, accuracy and overall effectiveness of malicious detections using internal key performance indicators while maintaining low false positive rates by incorporating our our malicious URL dataset into your solution.

Using traffic from over 500 million users and billions of ad impressions daily, zvelo provides comprehensive malicious detection from a broad range of threat vectors. View the zvelo Global Cyber Threat Map with a recent sampling of malicious threats including a density heatmap and recent malicious detections.

Our malicious website detection identifies by threat vector at the URL, IP, and page-level – malware, malware distribution, phishing, fraud, botnets, and emerging exploits.

From endpoint security to perimeter security to UTM vendors to hosted security providers, zvelo covers the broadest spectrum of flexible and easy-to-integrate deployment options including cloud-based API, a local SDK, or as a raw data stream.

New malicious detections from billions of daily transactions are available immediately for querying via an API or direct ingestion into systems and servers.

Malicious detections are made at the domain, sub-domain, full-path and page level, ensuring comprehensive detection of the most critical exploits and dangerous sites, enabling you to provide page-level protection for your users and applications.

Our malicious detection supports a wide range of applications and use cases for OEM Network Security solutions.

Some typical use cases for the integration of the malicious website detection offering with our malicious URL dataset, enabling filtering or blocking of traffic to or from sites, pages, or IPs detected as being malicious, phishing, fraud, botnet or some other exploit:

Ad Fraud

Sites that are being used to commit fraudulent online display advertising transactions using different ad impression boosting techniques including but not limited to the following, ads stacking, iframe stuffing, and hidden ads. Sites that have high non-human web traffic and with rapid, large, and unexplained changes in traffic.

Botnet

Bots are compromised machines running software that is used by hackers to send spam, phishing attacks, and denial of service attacks.

Command and Control Centers

Internet servers used to send commands to infected machines called bots.

Compromised & Links To Malware

Compromised web pages are pages that appear to be legitimate, but house malicious code or link to malicious websites hosting malware. These sites have been compromised by someone other than the site owner. If Firefox blocks a site as malicious, use this category. Examples are defaced, hacked by etc.

Malware Call-Home

When viruses and spyware report information back to a particular URL or check a URL for updates, this is considered a malware call-home address.

Malware Distribution Point

Web pages that host viruses, exploits, and other malware are considered Malware Distribution Points. Web Analysts may use this category if their anti-virus program triggers on a particular website.

Phishing/Fraud

Web pages that impersonate other web pages usually with the intent of stealing passwords, credit card numbers, or other information. Also includes web pages that are part of scams such as a “”419″” scam where a person is convinced to hand over money with the expectation of a big payback that never comes. Examples con, hoax, scam etc.

Spam URLs

URLs that frequently occur in spam messages.

Spyware & Questionable Software

Software that reports information back to a central server such as spyware or keystroke loggers. Also includes software that may have legitimate purposes, but some people may object to having on their system.