Top

Published in:

2023 | OriginalPaper | Chapter

Building a Multi-class Prediction App for Malicious URLs

Authors : Vijayaraj Sundaram, Shinu Abhi, Rashmi Agarwal

Published in: Advanced Network Technologies and Intelligent Computing

Publisher: Springer Nature Switzerland

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

The page that houses a malicious snippet that could misuse a user's computing resources, steal confidential data, or carry out other forms of assaults is known as a malicious host URL. They are generally distributed across the world wide web under various usage categories like spam, malware, phishing, etc. Although numerous methods or fixes (to identify URLs) have been developed in recent years, still cyberattacks continue to occur.

This study contributes towards implementing three tiers of the system for detection and protection from harmful URLs. The first tier focuses on evaluating the performance of discriminative features in model creation. Discriminative features are derived from URL details and “Whois” webpage information that helps in improving detection performance with less latency and low computational complexity. The influence of feature variation on Parametric (neural network) and non-parametric classifier detection results are assessed to narrow down to the most prominent features to be adapted in the best model for the task of identifying URLs with multi-categorization. The study reveals that non-parametric ensemble models like Light GBM, XGBoost, and Random Forest performed well with a detection accuracy of over 95%, which facilitated building a real-time detection system and differentiating multiple attack types (such as Malware, Phishing, and spam).

The second tier focuses on validation with a global database to know, if entered URL is reported as suspicious by various detection engines already. If not, it enables the user in updating the global database with URL details that are new and not reported yet. Finally, the two modules are integrated to create a web application using Streamlit that provides full system protection against malicious URLs.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter A Hybrid Model for Fake News Detection Using Clickbait: An Incremental Approach

next chapter Comparative Performance of Maximum Likelihood and Minimum Distance Classifiers on Land Use and Land Cover Analysis of Varanasi District (India)

Acharya, J., Chuadhary, A., Chhabria, A., Jangale, S: Detecting malware, malicious URLs and virus using machine learning and signature matching. In: 2021 2nd International Conference on Emerging Technology INCET 2021, pp. 1–5. https://doi.org/10.1109/INCET51464.2021.9456440

Rosenthal, M.: Must-Know Phishing Statistics: Updated (2022). https://www.tessian.com/blog/phishing-statistics-2020/#phishing-by-country

Public, C.: Cyber security threat trends (2021)

Sahingoz, O.K., Buber, E., Demir, O., Diri, B.: Machine learning based phishing detection from URLs. Expert Syst. Appl. 117, 345–357 (2019). https://doi.org/10.1016/j.eswa.2018.09.029CrossRef

Zhao, H., Chen, Z., Yan, R.: Malicious domain names detection algorithm based on statistical features of URLs. In: 2022 IEEE 25th International Conference on Computer Supported Cooperative Work Design CSCWD 2022, pp. 11–16 (2022). https://doi.org/10.1109/CSCWD54268.2022.9776264

George, R., Jalal, R., Raju, R.M., Sunny, S.S., Hari, M.: High responsive plug-in for malicious URL detection. In: Proceedings of International Conference on Trends in Electronics Informatics, ICOEI 2019, pp. 357–359 (2019). https://doi.org/10.1109/ICOEI.2019.8862664

Li, T., Kou, G., Peng, Y.: Improving malicious URLs detection via feature engineering: linear and nonlinear space transformation methods. Inf. Syst. 91, 101494 (2020). https://doi.org/10.1016/j.is.2020.101494CrossRef

Chen, Y., Zhou, Y., Dong, Q., Li, Q.: A malicious URL detection method based on CNN. In: 2020 IEEE Conference on Telecommunications, Optics and Computer Science TOCS 2020, pp. 23–28 (2020). https://doi.org/10.1109/TOCS50858.2020.9339761

Anti-Phishing Working Group and Institute of Electrical and Electronics Engineers. Classifying Phishing URLs Using Recurrent Neural Networks

10.

Choi, H., Zhu, B.B., Lee, H.: Detecting malicious web links and identifying their attack types. WebApps, no. July 2014, p. 11 (2011). http://dl.acm.org/citation.cfm?id=2002168.2002179

11.

Ramesh, K., Bennet, M.A., Veerappan, J., Renjith, P.N.: Performance metric system for malicious URL data using revised random forest algorithm. In: Proceedings of the 5th International Conference on Computing Methodologies and Communication ICCMC 2021, no. ICCMC, pp. 1188–1191 (2021). https://doi.org/10.1109/ICCMC51019.2021.9418480

12.

Shantanu, B.J., Arul Kumar, R.J.: Malicious URL detection: a comparative study. In: Proceedings of International Conference on Artificial Intelligent Smart System ICAIS 2021, pp. 1147–1151 (2021). https://doi.org/10.1109/ICAIS50930.2021.9396014

13.

Zhang, W., Ren, H., Jiang, Q.: Application of feature engineering for phishing detection. IEICE Trans. Inf. Syst. E99D(4), 1062–1070 (2016). https://doi.org/10.1587/transinf.2015CYP0005CrossRef

14.

Alsaedi, M., Ghaleb, F., Saeed, F., Ahmad, J., Alasli, M.: Cyber threat intelligence-based malicious URL detection model using ensemble learning. Sensors 22(9), 3373 (2022). https://doi.org/10.3390/s22093373CrossRef

15.

Alazab, M., Fellow, S.: Malicious URL detection using deep learning.

16.

Yuan, J., Chen, G., Tian, S., Pei, X.: Malicious URL detection based on a parallel neural joint model. IEEE Access 9, 9464–9472 (2021). https://doi.org/10.1109/ACCESS.2021.3049625CrossRef

17.

Simran, K., Balakrishna, P., Vinayakumar, R., Soman, K.P.: Deep learning based frameworks for handling imbalance in DGA, Email, and URL data analysis. In: Balusamy, S., Dudin, A.N., Graña, M., Mohideen, A.K., Sreelaja, N.K., Malar, B. (eds.) ICC3 2019. CCIS, vol. 1213, pp. 93–104. Springer, Singapore (2020). https://doi.org/10.1007/978-981-15-9700-8_8CrossRef

18.

Tan, G., Zhang, P., Liu, Q., Liu, X., Zhu, C., Guo, L.: MalFilter: a lightweight real-time malicious URL filtering system in large-scale networks. In: Proceedings of the 16th IEEE International Symposium on Parallel and Distributed Processing with Applications, 17th IEEE International Conference on Ubiquitous Computing and Communications, 8th IEEE International Conference on Big Data Cloud Computing, pp. 565–571 (2019). https://doi.org/10.1109/BDCloud.2018.00089

19.

Qabajeh, I., Thabtah, F., Chiclana, F.: A recent review of conventional vs. automated cybersecurity anti-phishing techniques. Comput. Sci. Rev. 29, 44–55 (2018). https://doi.org/10.1016/j.cosrev.2018.05.003CrossRef

20.

Rao, R.S., Ali, S.T.: PhishShield: a desktop application to detect phishing webpages through heuristic approach. Procedia Comput. Sci. 54, 147–156 (2015). https://doi.org/10.1016/j.procs.2015.06.017CrossRef

21.

Ranganayakulu, D.: Detecting malicious URLs in E-mail – an implementation. AASRI Procedia 4, 125–131 (2013). https://doi.org/10.1016/j.aasri.2013.10.020CrossRef

22.

Chiramdasu, R., Srivastava, G., Bhattacharya, S., Reddy, P.K., Gadekallu, T.R.: Malicious url detection using logistic regression (2021). https://doi.org/10.1109/COINS51742.2021.9524269

23.

Bharadwaj, R., Bhatia, A., Chhibbar, L.D., Tiwari, K., Agrawal, A.: Is this URL safe: detection of malicious URLs using global vector for word representation. In: Interenational Conference on Information Networking, vol. 2022, pp. 486–491 (2022). https://doi.org/10.1109/ICOIN53446.2022.9687204

24.

Hevapathige, A., Rathnayake, K.: Super learner for malicious URL detection. In: ICARC 2022 - 2nd International Conference on Advanced Research in Computing Towar. a Digit. Empower. Soc., pp. 114–119 (2022). https://doi.org/10.1109/ICARC54489.2022.9753802

25.

Dian zi ke ji da xue (Chengdu, Guo jia zi ran ke xue ji jin wei yuan hui (China). Institute of Electrical and Electronics Engineers. Chengdu Section, and Institute of Electrical and Electronics Engineers, MALICIOUS URL DETECTION USING MULTI-LAYER FILTERING MODEL

26.

Lakshmanarao, A., Babu, M.R., Bala Krishna, M.M.: Malicious URL detection using NLP, machine learning and FLASK (2021). https://doi.org/10.1109/ICSES52305.2021.9633889

27.

Alsmadi, T., Alqudah, N.: A survey on malware detection techniques. In: Proceedings of the 2021 International Conference on Information Technology ICIT 2021, pp. 371–376 (2021). https://doi.org/10.1109/ICIT52682.2021.9491765

28.

Verma, M., Ganguly, D.: Malicious URL Detection using Machine Learning: A Survey arXiv:1701.07179v3. Corr, vol. 1, no. 1, pp. 1281–1284 (2019). 10.1145/

Title: Building a Multi-class Prediction App for Malicious URLs
Authors: Vijayaraj Sundaram
Shinu Abhi
Rashmi Agarwal
Publisher: Springer Nature Switzerland
Book: Advanced Network Technologies and Intelligent Computing
Print ISBN: 978-3-031-28182-2

Electronic ISBN: 978-3-031-28183-9

Copyright Year: 2023
DOI: https://doi.org/10.1007/978-3-031-28183-9_32

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner