USING BLACK-LIST AND WHITE-LIST TECHNIQUE TO DETECT MALICIOUS URLS
H. TARIQ, W. YANG, I. HAMEED, B. AHMED, and R. KHAN. IJIRIS:: International Journal of Innovative Research Journal in Information SecurityVolume IV (Issue XII):
01-07(December 2017)1 Hugh A. Chipman, Edward I. George, and Robert E. McCulloch. “Bayesian CART Model Search.” Journal of the American Statistical Association, Vol. 93(443), pp 935–948, September 1998. 2 Sujata Garera, Niels Provos, Monica Chew, and Aviel D. Rubin. “A framework for detection and measurement of phishing attacks.” In Proceedings of the 2007 ACM workshop on Recurring malicious code - WORM ’07, page 1, 2007. 3 Abhishek Gattani, AnHai Doan, Digvijay S. Lamba, NikeshGarera, Mitul Tiwari, Xiaoyong Chai, Sanjib Das, Sri Subramaniam, AnandRajaraman, and VenkyHarinarayan. “Entity extraction, linking, classifica- tion, and tagging for social media.” Proceedings of the VLDB Endowment, Vol. 6(11), pp 1126–1137, August 2013. 4 David D. Lewis. Naive (Bayes) at forty: The independence assumption in information retrieval. pages 4–15. 1998. 5 Justin Ma, Lawrence K. Saul, Stefan Savage, and Geoffrey M. Voelker. “Learning to detect malicious URLs.” ACM Transactions on Intelligent Systems and Technology, Vol. 2(3), pp 1–24, April 2011. 6 FadiThabtah Maher Aburrous, M.A.Hossain, KeshavDahal. “Intelligent phishing detection system for e-banking using fuzzy data mining.” Expert Systems with Applications, Vol. 37(12), pp 7913–7921, Dec 2010. 7 AnkushMeshram and Christian Haas. “Anomaly Detection in Industrial. Networks using Machine Learning: A Roadmap.” In Machine Learning for Cyber Physical Systems, pages 65–72. Springer Berlin Heidelberg, Berlin, Heidelberg, 2017. 8 Xuequn Wang Nik Thompson,Tanya Jane McGill. “Security begins at home: Determinants of home computer and mobile device security behavior.” Computers & Security, Vol. 70, pp 376–391, Sep 2017. 9 Dan Steinberg and Phillip Colla. “CART: Classification and Regression Trees.” The Top Ten Algorithms in Data Mining, pp 179–201, 2009. 10 D. Teal. “Information security techniques including detection, interdiction and/or mitigation of memory injection attacks,” Google patents. Oct 2013. 11 Kurt Thomas, Chris Grier, Justin Ma, Vern Paxson, and Dawn Song. “Design and Evaluation of a Real-Time URL Spam Filtering Service.” In 2011 IEEE Symposium on Security and Privacy, pp 447–462. May 2011. 12 Sean Whalen, Nathaniel Boggs, and Salvatore J. Stolfo. “Model Aggregation for Distributed Content Anomaly Detection.” In Proceedings of the 2014 Workshop on Artificial Intelligent and Security Workshop - AISec ’14, pp 61–71, New York, USA, 2014. ACM Press. 13 Ying Yang and Geoffrey I. Webb. “Discretization for Naive-Bayes learning: managing a discretization bias and variance.” Machine Learning, Vol. 74(1), pp 39–74, Jan 2009..
Malicious URLs are harmful to every aspect of computer users. Detecting of the malicious URL is very important. Currently, detection of malicious web pages techniques includes black-list and white-list methodology and machine learning classification algorithms are used. However, the black-list and white-list technology is useless if a particular URL is not in list. In this paper, we propose a multi-layer model for detecting malicious URL. The filter can directly determine the URL by training the threshold of each layer filter when it reaches the threshold. Otherwise, the filter leaves the URL to next layer. We also used an example to verify that the model can improve the accuracy of URL detection.