Malicious Web Pages Detection Using Static Analysis of URLs
Malicious Web Pages Detection Using Static Analysis of URLs
Author(s): Dharmaraj R. PATIL, J.B. PATILSubject(s): ICT Information and Communications Technologies
Published by: Asociatia Romana pentru Asigurarea Securitatii Informatiei
Keywords: Feature extraction; Machine Learning; security; Static analysis; URLs
Summary/Abstract: Malicious Web pages detection becomes a crucial task, due to the ever changing nature of attacks and the structure of todays Web pages. Attackers employ different techniques for attack constructions. Therefore, feature selection and dataset preparation plays an important role in detection of malicious Web pages. While the existing approaches provide a promising solution in detection of malicious Web pages, still there are open issues in the effective detection. In this paper, we have provided the static analysis of URL string for effective detection of malicious Web pages. We have considered only static features of Web page URLs. We have extracted 79 static features of URLs and domain names from benchmarks benign and malicious URLs. We have evaluated several batch learning algorithms like SVM, AdaBoost, J48, Random Forest, Random Tree, Naive Bayes, Logistic Regression, SGD and BayesNet on our dataset. Our experimental analysis shows promising detection results, a detection rate between 95%-99% and very low false positive rate (FPR) and false negative rate (FNR) for all the classification models.
Journal: International Journal of Information Security and Cybercrime (IJISC)
- Issue Year: 5/2016
- Issue No: 2
- Page Range: 57-70
- Page Count: 14
- Language: English
- Content File-PDF