Novel Security Metrics for Identifying Risky Unified Resource Locators (URLs)

IF 1.5 4区 工程技术 Q3 ENGINEERING, ELECTRICAL & ELECTRONIC Iranian Journal of Science and Technology-Transactions of Electrical Engineering Pub Date : 2024-05-10 DOI:10.1007/s40998-023-00690-x
Mahmood Deypir, Toktam Zoughi
{"title":"Novel Security Metrics for Identifying Risky Unified Resource Locators (URLs)","authors":"Mahmood Deypir, Toktam Zoughi","doi":"10.1007/s40998-023-00690-x","DOIUrl":null,"url":null,"abstract":"<p>Attackers perform malicious activities by sending <i>URL</i>s to victims via e-mail, <i>SMS</i>, social network messages, and other means. Recently, intruders have been generating malicious <i>URL</i>s algorithmically. They also use shortening or obfuscation services to bypass firewalls and other security barriers. Some machine learning methods have been presented in order to identify malicious <i>URLs</i> from normal ones, all of which are subject to classification errors. On the other hand, it is impractical to have a complete and up-to-date blacklist due to large number of daily generated malicious <i>URL</i>s. Therefore, calculating the <i>URLs</i> security risk would be more helpful than <i>URLs</i> classification. In this way a user can correctly decide whether to use an unfamiliar <i>URL</i> if they know its associated security risk. In this study, the problem of <i>URLs</i> security risk computation is introduced and two effective novel criteria for this problem are proposed. Based on these criteria, a security risk score can be estimated for each incoming <i>URL</i>. In the first criterion, based on previous malicious and non-malicious <i>URL</i> instances, the extracted features of a <i>URL</i> are divided into two categories, those increase the risk and those reduce the security risk. In the second criterion, security risk score of an unknown <i>URL</i> is estimated based on its distances to nearest known malicious and also safe <i>URLs</i>. For both criterion, corresponding formulations and algorithms are also designed and are described. Extensive empirical evaluations on various real datasets show the effectiveness of the proposed criteria in terms of malicious <i>URL</i> detection rate. Moreover, our experiments show that the proposed metrics significantly outperforms previously proposed risk score criteria.</p>","PeriodicalId":49064,"journal":{"name":"Iranian Journal of Science and Technology-Transactions of Electrical Engineering","volume":"38 1","pages":""},"PeriodicalIF":1.5000,"publicationDate":"2024-05-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Iranian Journal of Science and Technology-Transactions of Electrical Engineering","FirstCategoryId":"5","ListUrlMain":"https://doi.org/10.1007/s40998-023-00690-x","RegionNum":4,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"ENGINEERING, ELECTRICAL & ELECTRONIC","Score":null,"Total":0}
引用次数: 0

Abstract

Attackers perform malicious activities by sending URLs to victims via e-mail, SMS, social network messages, and other means. Recently, intruders have been generating malicious URLs algorithmically. They also use shortening or obfuscation services to bypass firewalls and other security barriers. Some machine learning methods have been presented in order to identify malicious URLs from normal ones, all of which are subject to classification errors. On the other hand, it is impractical to have a complete and up-to-date blacklist due to large number of daily generated malicious URLs. Therefore, calculating the URLs security risk would be more helpful than URLs classification. In this way a user can correctly decide whether to use an unfamiliar URL if they know its associated security risk. In this study, the problem of URLs security risk computation is introduced and two effective novel criteria for this problem are proposed. Based on these criteria, a security risk score can be estimated for each incoming URL. In the first criterion, based on previous malicious and non-malicious URL instances, the extracted features of a URL are divided into two categories, those increase the risk and those reduce the security risk. In the second criterion, security risk score of an unknown URL is estimated based on its distances to nearest known malicious and also safe URLs. For both criterion, corresponding formulations and algorithms are also designed and are described. Extensive empirical evaluations on various real datasets show the effectiveness of the proposed criteria in terms of malicious URL detection rate. Moreover, our experiments show that the proposed metrics significantly outperforms previously proposed risk score criteria.

Abstract Image

查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
用于识别有风险的统一资源定位器 (URL) 的新型安全指标
攻击者通过电子邮件、短信、社交网络消息和其他方式向受害者发送 URL,从而实施恶意活动。最近,入侵者开始通过算法生成恶意 URL。他们还利用缩短或混淆服务绕过防火墙和其他安全屏障。为了从正常 URL 中识别恶意 URL,人们提出了一些机器学习方法,但所有这些方法都存在分类错误。另一方面,由于每天都会产生大量恶意 URL,要拥有一份完整且最新的黑名单是不切实际的。因此,计算 URL 的安全风险比 URL 分类更有帮助。这样,如果用户知道一个陌生网址的相关安全风险,就能正确决定是否使用该网址。本研究介绍了 URL 安全风险计算问题,并针对这一问题提出了两个有效的新标准。根据这些标准,可以为每个进入的网址估算出安全风险分数。在第一个标准中,根据以往的恶意和非恶意 URL 实例,将提取的 URL 特征分为两类,即增加风险的特征和降低安全风险的特征。在第二个标准中,未知网址的安全风险分数是根据其与最近的已知恶意网址和安全网址的距离来估算的。针对这两个标准,还设计并描述了相应的公式和算法。在各种真实数据集上进行的广泛经验评估表明,所提出的标准在恶意 URL 检测率方面非常有效。此外,我们的实验还表明,所提出的度量标准明显优于之前提出的风险评分标准。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
CiteScore
5.50
自引率
4.20%
发文量
93
审稿时长
>12 weeks
期刊介绍: Transactions of Electrical Engineering is to foster the growth of scientific research in all branches of electrical engineering and its related grounds and to provide a medium by means of which the fruits of these researches may be brought to the attentionof the world’s scientific communities. The journal has the focus on the frontier topics in the theoretical, mathematical, numerical, experimental and scientific developments in electrical engineering as well as applications of established techniques to new domains in various electical engineering disciplines such as: Bio electric, Bio mechanics, Bio instrument, Microwaves, Wave Propagation, Communication Theory, Channel Estimation, radar & sonar system, Signal Processing, image processing, Artificial Neural Networks, Data Mining and Machine Learning, Fuzzy Logic and Systems, Fuzzy Control, Optimal & Robust ControlNavigation & Estimation Theory, Power Electronics & Drives, Power Generation & Management The editors will welcome papers from all professors and researchers from universities, research centers, organizations, companies and industries from all over the world in the hope that this will advance the scientific standards of the journal and provide a channel of communication between Iranian Scholars and their colleague in other parts of the world.
期刊最新文献
Setting-Less Differential Protection of Power Transformers Based on Wavelet Transform Stacked Denoising Variational Auto Encoder Model for Extractive Web Text Summarization Fault Resilient Ability of Reduced Switches Multi Level Inverter for Off Grid Applications A High Gain and Compact CPW-fed UWB Antenna Based on a Novel Frequency Selective Surface with Angular Stability LAA-D: Lightweight Authentication and Access Control Mechanism with Dual-Data Storage in Cloud-Internet of Things System Using Blockchain
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1