Reinforcement Learning Based Accurate Detection of Malicious URLs with Multi-Feature Analysis

Xiaoyue Wan, Pengmin Li, Yuhuan Wang, Wei Wei, Liang Xiao
{"title":"Reinforcement Learning Based Accurate Detection of Malicious URLs with Multi-Feature Analysis","authors":"Xiaoyue Wan, Pengmin Li, Yuhuan Wang, Wei Wei, Liang Xiao","doi":"10.1109/iccc52777.2021.9580433","DOIUrl":null,"url":null,"abstract":"Malicious URLs result in malware installation, privacy leakage and illegal funding of mobile devices and computers. However, attackers frequently change domain names of URLs to avoid static detection and the malicious URL detection has to address variance in structure of domain names, which seriously degrades the detection accuracy in fixed detection policy selection and impedes optimal policy selection with theoretical analysis. In this paper, we propose an accurate detection of malicious URLs to protect Internet users from accessing malicious URLs, which designs a multi-feature analysis architecture to exploit lexical and content-based features and applies reinforcement learning (RL) to choose the detection mode and parameter. We provide a lightweight RL-based detection with transfer learning and a deep RL-based detection to further improve the detection accuracy for the server with sufficient computation resources. Malicious URLs that have specific domain name features including long numeric string or high percentage of the numeric character or alphabetic string without syllables are considered and simulation results show that this scheme improves the detection accuracy and increases the utility compared with the benchmark scheme.","PeriodicalId":425118,"journal":{"name":"2021 IEEE/CIC International Conference on Communications in China (ICCC)","volume":"105 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-07-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 IEEE/CIC International Conference on Communications in China (ICCC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/iccc52777.2021.9580433","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0

Abstract

Malicious URLs result in malware installation, privacy leakage and illegal funding of mobile devices and computers. However, attackers frequently change domain names of URLs to avoid static detection and the malicious URL detection has to address variance in structure of domain names, which seriously degrades the detection accuracy in fixed detection policy selection and impedes optimal policy selection with theoretical analysis. In this paper, we propose an accurate detection of malicious URLs to protect Internet users from accessing malicious URLs, which designs a multi-feature analysis architecture to exploit lexical and content-based features and applies reinforcement learning (RL) to choose the detection mode and parameter. We provide a lightweight RL-based detection with transfer learning and a deep RL-based detection to further improve the detection accuracy for the server with sufficient computation resources. Malicious URLs that have specific domain name features including long numeric string or high percentage of the numeric character or alphabetic string without syllables are considered and simulation results show that this scheme improves the detection accuracy and increases the utility compared with the benchmark scheme.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
基于多特征分析的强化学习恶意url准确检测
恶意url导致恶意软件安装,隐私泄露和非法资金的移动设备和计算机。然而,攻击者经常改变URL的域名以避免静态检测,恶意URL检测需要解决域名结构的变化,这严重降低了固定检测策略选择的检测精度,阻碍了理论分析的最优策略选择。在本文中,我们提出了一种准确检测恶意url的方法,以保护互联网用户免受恶意url的访问。该方法设计了一种多特征分析架构,利用词法特征和基于内容的特征,并应用强化学习(RL)来选择检测模式和参数。我们提供了一种基于迁移学习的轻量级rl检测和一种基于深度rl的检测,以进一步提高具有足够计算资源的服务器的检测精度。仿真结果表明,与基准方案相比,该方案提高了检测精度,提高了实用性。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
自引率
0.00%
发文量
0
期刊最新文献
A Novel Group-oriented Handover Authentication Scheme in MEC-Enabled 5G Networks Joint Task Secure Offloading and Resource Allocation for Multi-MEC Server to Improve User QoE Dueling-DDQN Based Virtual Machine Placement Algorithm for Cloud Computing Systems Predictive Beam Tracking with Cooperative Sensing for Vehicle-to-Infrastructure Communications Age-aware Communication Strategy in Federated Learning with Energy Harvesting Devices
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1