USING BLACK-LIST AND WHITE-LIST TECHNIQUE TO DETECT MALICIOUS URLS
IJIRIS:: International Journal of Innovative Research Journal in Information Security, Volume IV (Issue XII):
01-07 (December 2017)1 Hugh A. Chipman, Edward I. George, and Robert E. McCulloch. “Bayesian CART Model Search.” Journal of the American Statistical Association, Vol. 93(443), pp 935–948, September 1998. 2 Sujata Garera, Niels Provos, Monica Chew, and Aviel D. Rubin. “A framework for detection and measurement of phishing attacks.” In Proceedings of the 2007 ACM workshop on Recurring malicious code - WORM ’07, page 1, 2007. 3 Abhishek Gattani, AnHai Doan, Digvijay S. Lamba, NikeshGarera, Mitul Tiwari, Xiaoyong Chai, Sanjib Das, Sri Subramaniam, AnandRajaraman, and VenkyHarinarayan. “Entity extraction, linking, classifica- tion, and tagging for social media.” Proceedings of the VLDB Endowment, Vol. 6(11), pp 1126–1137, August 2013. 4 David D. Lewis. Naive (Bayes) at forty: The independence assumption in information retrieval. pages 4–15. 1998. 5 Justin Ma, Lawrence K. Saul, Stefan Savage, and Geoffrey M. Voelker. “Learning to detect malicious URLs.” ACM Transactions on Intelligent Systems and Technology, Vol. 2(3), pp 1–24, April 2011. 6 FadiThabtah Maher Aburrous, M.A.Hossain, KeshavDahal. “Intelligent phishing detection system for e-banking using fuzzy data mining.” Expert Systems with Applications, Vol. 37(12), pp 7913–7921, Dec 2010. 7 AnkushMeshram and Christian Haas. “Anomaly Detection in Industrial. Networks using Machine Learning: A Roadmap.” In Machine Learning for Cyber Physical Systems, pages 65–72. Springer Berlin Heidelberg, Berlin, Heidelberg, 2017. 8 Xuequn Wang Nik Thompson,Tanya Jane McGill. “Security begins at home: Determinants of home computer and mobile device security behavior.” Computers & Security, Vol. 70, pp 376–391, Sep 2017. 9 Dan Steinberg and Phillip Colla. “CART: Classification and Regression Trees.” The Top Ten Algorithms in Data Mining, pp 179–201, 2009. 10 D. Teal. “Information security techniques including detection, interdiction and/or mitigation of memory injection attacks,” Google patents. Oct 2013. 11 Kurt Thomas, Chris Grier, Justin Ma, Vern Paxson, and Dawn Song. “Design and Evaluation of a Real-Time URL Spam Filtering Service.” In 2011 IEEE Symposium on Security and Privacy, pp 447–462. May 2011. 12 Sean Whalen, Nathaniel Boggs, and Salvatore J. Stolfo. “Model Aggregation for Distributed Content Anomaly Detection.” In Proceedings of the 2014 Workshop on Artificial Intelligent and Security Workshop - AISec ’14, pp 61–71, New York, USA, 2014. ACM Press. 13 Ying Yang and Geoffrey I. Webb. “Discretization for Naive-Bayes learning: managing a discretization bias and variance.” Machine Learning, Vol. 74(1), pp 39–74, Jan 2009..DOI: 10.26562/IJIRIS.2017.DCIS10081
Abstract
Malicious URLs are harmful to every aspect of computer users. Detecting of the malicious URL is very important. Currently, detection of malicious web pages techniques includes black-list and white-list methodology and machine learning classification algorithms are used. However, the black-list and white-list technology is useless if a particular URL is not in list. In this paper, we propose a multi-layer model for detecting malicious URL. The filter can directly determine the URL by training the threshold of each layer filter when it reaches the threshold. Otherwise, the filter leaves the URL to next layer. We also used an example to verify that the model can improve the accuracy of URL detection.
Description
In recent years, the Internet has been playing a bigger and bigger role in people’s work and life. Currently, we observed that not every website is user-friendly and profitable. More and more malicious websites began to appear and these malicious websites end angering all aspects of the user. This can lead the user towards economic classes, even some can create confusion over the management of the country. Detecting and stopping malicious websites has become an important control measure to avoid the risk of information security [10],[8], [7].Generally, the only entrance to the website is URL, which can be malicious URL.