Towards the Detection of Malicious URL and Domain Names Using Machine Learning

Ghalati, Nastaran Farhadi; Ghalaty, Nahid Farhady; Barata, José

doi:10.1007/978-3-030-45124-0_10

Cited by 6 publications

(3 citation statements)

References 14 publications

(11 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Another research used semantic features from domains and URLs to detect malicious URLs (Ghalati et al, 2020). The authors introduced an adaptive method that can dynamically change based on new feedback received on 0-day attacks, and they found that Random Forest has the highest accuracy of over 96% with more interpretability and performance bene ts.…”

Section: Related Workmentioning

confidence: 99%

“…Also, six out of ten papers have used Neural Networks (NN) and Deep Learning in their models and only two of them applied non-NN classi cation models. In addition, except for one research(Abdelnabi et al, 2020) that used visual data in their model, other papers utilized URLs in their work, and some of them applied NLP-based feature extraction methods to build a structured data set(Ghalati et al, 2020, Sahingoz et al, 2019 model and two categories of features: lexical features extracted from the URL strings and tokens frequency using the TF-IDF algorithm. Experimental results showed that the system achieved a false negative rate of only 1.35%.…”

mentioning

confidence: 99%

See 1 more Smart Citation

Evaluating Supervised Machine Learning Models for Zero-Day Phishing Attack Detection: A Comprehensive Study

Lotfi,

Valipourebrahimi,

Tran

2023

Preprint

View full text Add to dashboard Cite

To have highly secure e-commerce websites, detecting and preventing cyber-attacks is of high importance. Among diverse types of cyber-attacks, identifying zero-day attacks is problematic since they are unknown to the security system. It is because they usually are launched by an attacker and none of the existing defined patterns match with the unknown (malicious) case. There are many machine learning models developed to analyze and detect phishing websites, specifically using supervised models. However, the main issue with zero-day attacks is that they are not seen before, so their patterns are not trained to the model. Thus, the supervised models designed for detecting phishing URLs should be very accurate in predicting the label of unseen data. This research addresses the underlying issue by evaluating seven different supervised machine learning models to assess their accuracy in predicting zero-day phishing attacks. Unlike previous studies that examined models on features that are only extracted from URLs, our evaluation framework incorporates a comprehensive dataset that includes not only URL features but also third-party extracted features as well as content-based features. This research also examines the performance of the models under the impact of dimension reduction techniques. By reducing the dimensionality of the dataset, we aim to improve computational efficiency without compromising the accuracy of the models. The results depict that XGBoost performs best on zero-day attack data sets with accuracy and an f1-score of 96.6%, and PCA can be applied in high-dimensional data sets without adverse effects on the models’ performance.

show abstract

Section: Related Workmentioning

confidence: 99%

mentioning

confidence: 99%

Evaluating Supervised Machine Learning Models for Zero-Day Phishing Attack Detection: A Comprehensive Study

Lotfi,

Valipourebrahimi,

Tran

2023

Preprint

View full text Add to dashboard Cite

show abstract

“…The most common types of attacks that a user may encounter are malicious Uniform Resource Locators (URLs) and spam calls. It has been observed that 39% of URLs are malicious [2]. Malicious URLs can be used to instantiate drive-by-download, phishing, and spam.…”

Section: Introductionmentioning

confidence: 99%

"VNeSafe: Machine Learning-Assisted System for Detecting Malicious URLs and Spam Calls"

2024

JST: SSAD

View full text Add to dashboard Cite

Spam calls and malicious Uniform Resource Locators (URLs) have become major concerns for Internet users. Phishing, spam, and drive-by-download attacks can be initiated by malicious URLs, while normal users may experience irritation from spam calls. To tackle the aforementioned issues, we provide VNeSafe, a machine learning-assisted system, in this paper. By leveraging user feedback, VNeSafe may identify a phone number that is spam. Particularly, it keeps track of how many times a phone subscriber has been reported as spam. When such a number is over a predetermined threshold, VNeSafe automatically adds the phone number to a blacklist and blocks it. Furthermore, VNeSafe uses a natural language processing technique named TF-IDF in order to extract good features from a URL. The Random Forest algorithm then makes use of these features to determine whether the URL is malicious or not. Our empirical research has demonstrated that Random Forest can offer a real-time detection with an F1-score of 0.9298. This algorithm is ready to be deployed in VNeSafe and used on a general mobile device.

show abstract

A Review: How to Detect Malicious Domains

Wang

2021

Communications in Computer and Information Science

View full text Add to dashboard Cite

Towards the Detection of Malicious URL and Domain Names Using Machine Learning

Cited by 6 publications

References 14 publications

Evaluating Supervised Machine Learning Models for Zero-Day Phishing Attack Detection: A Comprehensive Study

Evaluating Supervised Machine Learning Models for Zero-Day Phishing Attack Detection: A Comprehensive Study

"VNeSafe: Machine Learning-Assisted System for Detecting Malicious URLs and Spam Calls"

A Review: How to Detect Malicious Domains

Contact Info

Product

Resources

About