Classifying Malicious URLs Using Gated Recurrent Neural Networks
The past decade has witnessed a rapidly developing Internet, which consequently brings about devastating web attacks of various types. The popularity of automated web attack tools also pushes the need for better methods to proactively detect the huge amounts of evolutionary web attacks. In this work, large quantities of URLs were used for detecting web attacks using machine learning models. Based on the dataset and feature selection methods of , multi-classification of six types of URLs was explored using the random forest method, which was later compared against the gated recurrent neural networks. Even without the need of manual feature creation, the gated recurrent neural networks consistently outperformed the random forest method with well-selected features. Therefore, we determine it is an efficient and adaptive proactive detection system, which is more advanced in the ever-changing cyberspace environment.
This work was supported by National Natural Science Foundation of China (No. U1536122).
- 1.Cui, B., et al.: Malicious URL detection with feature extraction based on machine learningGoogle Scholar
- 2.Cleary, G., Corpin, M., et al.: Symantec internet security threat report 2017. Symantec Corp., Mountain View, CA, USA, Technical report (2018)Google Scholar
- 3.Yang, J., et al.: Multi-classification for malicious URL based on improved semi-supervised algorithm. In: 2017 IEEE International Conference on Computational Science and Engineering (CSE) and Embedded and Ubiquitous Computing (EUC), vol. 1. IEEE (2017)Google Scholar
- 4.Zhang, J., Porras, P.A., Ullrich, J.: Highly predictive blacklisting. In: USENIX Security Symposium (2008)Google Scholar
- 5.Prakash, P., et al.: PhishNet: predictive blacklisting to detect phishing attacks. In: INFOCOM, 2010 Proceedings IEEE. IEEE (2010)Google Scholar
- 7.Garera, S., et al.: A framework for detection and measurement of phishing attacks. In: Proceedings of the 2007 ACM Workshop on Recurring Malcode. ACM (2007)Google Scholar
- 8.Bahnsen, A.C., et al.: Classifying phishing URLs using recurrent neural networks. In: 2017 APWG Symposium on Electronic Crime Research (eCrime). IEEE (2017)Google Scholar
- 10.Dietterich, T.G.: Machine learning for sequential data: a review. In: Joint IAPR International Workshops on Statistical Techniques in Pattern Recognition (SPR) and Structural and Syntactic Pattern Recognition (SSPR). Springer, Heidelberg (2002)Google Scholar
- 12.Gers, F.A., Schmidhuber, J., Cummins, F.: Learning to forget: continual prediction with LSTM. Neural Comput. 12, 850–855 (1999)Google Scholar