Abstract
The Internet, computing systems, and web consumers have become prone to cyber-attacks. Malicious uniform resource locator (URL) is a well-known cyber-attack commonly used with the intent of data, money, or personal information stealing. This work focuses on analyzing URLs through machine learning techniques for their attack type. Our work uses lexical features of URLs to classify them according to their attack, namely phishing, Spam, benign, and malware. Four different classifiers are used, such as Decision Tree, Random Forest, SVM (Support Vector Machine), and Neural Network. The test results on our informational index show that this paper achieved the highest accuracy of 99% using Random Forest classification algorithm.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Virus total (2018). https://www.virustotal.com/
Kaggle dataset (2019). https://www.kaggle.com/datasets
malc0de dataset (2019). http://malc0de.com/database/
Malware domain list (2019). https://www.malwaredomainlist.com/
Openphish (2019). https://openphish.com/
Phish tank (2019). http://www.phishtank.com/
Cui, B., He, S., Yao, X., Shi, P.: Malicious url detection with feature extraction based on machine learning. Int. J. High Perform. Comput. Netw. 12(2), 166–178 (2018)
Darling, M., Heileman, G., Gressel, G., Ashok, A., Poornachandran, P.: A lexical approach for classifying malicious URLs. In: 2015 International Conference on High Performance Computing and Simulation (HPCS), pp. 195–202. IEEE (2015)
Dogru, N., Subasi, A.: Traffic accident detection using random forest classifier. In: 2018 15th Learning and Technology Conference (L&T), pp. 40–45. IEEE (2018)
Gunnarsdottir, K.M., Gamaldo, C.E., Salas, R.M., Ewen, J.B., Allen, R.P., Sarma, S.V.: A novel sleep stage scoring system: combining expert-based rules with a decision tree classifier. In: 2018 40th Annual International Conference of the IEEE Engineering in Medicine and Biology Society (EMBC), pp. 3240–3243. IEEE (2018)
Jain, D.: Improving software cost estimation process through classifcation data mining algorithms using weka tool. J. Commun. Eng. Syst. 8(2), 24–33 (2018)
Liu, C., Wang, L., Lang, B., Zhou, Y.: Finding effective classifier for malicious URL detection. In: Proceedings of the 2018 2nd International Conference on Management Engineering, Software Engineering and Service Sciences, pp. 240–244. ACM (2018)
Mamun, M.S.I., Rathore, M.A., Lashkari, A.H., Stakhanova, N., Ghorbani, A.A.: Detecting malicious URLs using lexical analysis. In: Chen, J., Piuri, V., Su, C., Yung, M. (eds.) NSS 2016. LNCS, vol. 9955, pp. 467–482. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-46298-1_30
Muthal, S., Pawar, A., Harne, S.: A hybrid approach to detect suspicious URLs. IJARIIE-ISSN (O)-2395-4396 2
Patgiri, R., Katari, H., Kumar, R., Sharma, D.: Empirical study on malicious URL detection using machine learning. In: Fahrnberger, G., Gopinathan, S., Parida, L. (eds.) ICDCIT 2019. LNCS, vol. 11319, pp. 380–388. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-05366-6_31
Patil, D., Patil, J.: Feature-based malicious URL and attack type detection using multi-class classification. ISC Int. J. Inf. Secur. 10(2), 141–162 (2018)
Patil, D.R., Patil, J.: Malicious URLs detection using decision tree classifiers and majority voting technique. Cybern. Inf. Technol. 18(1), 11–29 (2018)
Rajalakshmi, R., Ramraj, S., Ramesh Kannan, R.: Transfer learning approach for identification of malicious domain names. In: Thampi, S.M., Madria, S., Wang, G., Rawat, D.B., Alcaraz Calero, J.M. (eds.) SSCC 2018. CCIS, vol. 969, pp. 656–666. Springer, Singapore (2019). https://doi.org/10.1007/978-981-13-5826-5_51
Sahingoz, O.K., Buber, E., Demir, O., Diri, B.: Machine learning based phishing detection from URLs. Expert Syst. Appl. 117, 345–357 (2019)
Veni, R.H., Reddy, A.H., Kesavulu, C.: Identifying malicious web links and their attack types in social networks (2018)
Wu, C.M., Min, L., Li, Y., Zou, X.C., Qiang, B.H.: Malicious website detection based on URLs static features. In: DEStech Transactions on Computer Science and Engineering (MSO) (2018)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Monika, Tiwari, V. (2019). Automated Web Test for Loophole Detection. In: Luhach, A., Jat, D., Hawari, K., Gao, XZ., Lingras, P. (eds) Advanced Informatics for Computing Research. ICAICR 2019. Communications in Computer and Information Science, vol 1076. Springer, Singapore. https://doi.org/10.1007/978-981-15-0111-1_33
Download citation
DOI: https://doi.org/10.1007/978-981-15-0111-1_33
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-0110-4
Online ISBN: 978-981-15-0111-1
eBook Packages: Computer ScienceComputer Science (R0)