URLYZER: sistema de identificação de URLs maliciosas utilizando IA como suporte à tomada de decisão
Abstract
This work presents the URLYZER, a system for identifying malicious URLs. As most resources on the web are accessed via a URL, it can be modified or spoofed for misuse. With this, URLYZER aims to analyze the URL, from the extraction of lexical characteristics, and using a Random Forest classifier to determine whether a given URL is benign or malignant. The classifier obtained satisfactory results with an accuracy of 86%, 79% precision, 98% recall and 88% in its F1-score.
References
Astorino, A., Chiarello, A., Gaudioso, M., and Piccolo, A. (2017). Malicious url detection via spherical classification. Neural Computing and Applications, 28(1):699–705.
Ayres, L. D. G., Brito, I. V. S., Gomes, R. R., et al. (2019). Utilizando aprendizado de máquina para detecção automática de urls maliciosas brasileiras. In Anais Principais do XXXVII Simpósio Brasileiro de Redes de Computadores e Sistemas Distribuídos, pages 972–985. SBC.
Bezzera, M. A. and Feitosa, E. (2015). Investigando o uso de características na detecção de urls maliciosas.
Darling, M., Heileman, G., Gressel, G., Ashok, A., and Poornachandran, P. (2015). A lexical approach for classifying malicious urls. In 2015 international conference on high performance computing & simulation (HPCS), pages 195–202. IEEE.
Feroz, M. N. and Mengel, S. (2015). Phishing url detection using url ranking. In 2015 ieee international congress on big data, pages 635–638. IEEE.
Ma, J., Saul, L. K., Savage, S., and Voelker, G. M. (2009). Beyond blacklists: learning to detect malicious web sites from suspicious urls. In Proceedings of the 15th ACM SIGKDD international conference on Knowledge discovery and data mining, pages 1245–1254.
Sahoo, D., Liu, C., and Hoi, S. C. (2017). Malicious url detection using machine learning: A survey. arXiv preprint arXiv:1701.07179.
Sayamber, A. B. and Dixit, A. M. (2014). Malicious url detection and identication. International Journal of Computer Applications, 99(17):17–23.
Verma, R. and Das, A. (2017). What’s in a url: Fast feature extraction and malicious url detection. In Proceedings of the 3rd ACM on International Workshop on Security and Privacy Analytics, pages 55–63.
Yan, X., Xu, Y., Cui, B., Zhang, S., Guo, T., and Li, C. (2020). Learning url embedIEEE Transactions on Industrial Informatics, ding for malicious website detection. 16(10):6673–6681.
Ayres, L. D. G., Brito, I. V. S., Gomes, R. R., et al. (2019). Utilizando aprendizado de máquina para detecção automática de urls maliciosas brasileiras. In Anais Principais do XXXVII Simpósio Brasileiro de Redes de Computadores e Sistemas Distribuídos, pages 972–985. SBC.
Bezzera, M. A. and Feitosa, E. (2015). Investigando o uso de características na detecção de urls maliciosas.
Darling, M., Heileman, G., Gressel, G., Ashok, A., and Poornachandran, P. (2015). A lexical approach for classifying malicious urls. In 2015 international conference on high performance computing & simulation (HPCS), pages 195–202. IEEE.
Feroz, M. N. and Mengel, S. (2015). Phishing url detection using url ranking. In 2015 ieee international congress on big data, pages 635–638. IEEE.
Ma, J., Saul, L. K., Savage, S., and Voelker, G. M. (2009). Beyond blacklists: learning to detect malicious web sites from suspicious urls. In Proceedings of the 15th ACM SIGKDD international conference on Knowledge discovery and data mining, pages 1245–1254.
Sahoo, D., Liu, C., and Hoi, S. C. (2017). Malicious url detection using machine learning: A survey. arXiv preprint arXiv:1701.07179.
Sayamber, A. B. and Dixit, A. M. (2014). Malicious url detection and identication. International Journal of Computer Applications, 99(17):17–23.
Verma, R. and Das, A. (2017). What’s in a url: Fast feature extraction and malicious url detection. In Proceedings of the 3rd ACM on International Workshop on Security and Privacy Analytics, pages 55–63.
Yan, X., Xu, Y., Cui, B., Zhang, S., Guo, T., and Li, C. (2020). Learning url embedIEEE Transactions on Industrial Informatics, ding for malicious website detection. 16(10):6673–6681.
Published
2021-08-16
How to Cite
GONÇALVES, Diego Luiz Nunes; LEITE FILHO, Dionsio Machado.
URLYZER: sistema de identificação de URLs maliciosas utilizando IA como suporte à tomada de decisão. In: WORKSHOP ON SCIENTIFIC INITIATION AND GRADUATION - BRAZILIAN SYMPOSIUM ON COMPUTER NETWORKS AND DISTRIBUTED SYSTEMS (SBRC), 39. , 2021, Uberlândia.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2021
.
p. 265-272.
ISSN 2177-9384.
DOI: https://doi.org/10.5753/sbrc_estendido.2021.17180.
