DOI QR코드

DOI QR Code

Malicious URL Detection by Visual Characteristics with Machine Learning: Roles of HTTPS

시각적 특징과 머신 러닝으로 악성 URL 구분: HTTPS의 역할

  • Received : 2023.10.26
  • Accepted : 2023.12.30
  • Published : 2023.12.31

Abstract

In this paper, we present a new method for classifying malicious URLs to reduce cases of learning difficulties due to unfamiliar and difficult terms related to information protection. This study plans to extract only visually distinguishable features within the URL structure and compare them through map learning algorithms, and to compare the contribution values of the best map learning algorithm methods to extract features that have the most impact on classifying malicious URLs. As research data, Kaggle used data that classified 7,046 malicious URLs and 7.046 normal URLs. As a result of the study, among the three supervised learning algorithms used (Decision Tree, Support Vector Machine, and Logistic Regression), the Decision Tree algorithm showed the best performance with 83% accuracy, 83.1% F1-score and 83.6% Recall values. It was confirmed that the contribution value of https is the highest among whether to use https, sub domain, and prefix and suffix, which can be visually distinguished through the feature contribution of Decision Tree. Although it has been difficult to learn unfamiliar and difficult terms so far, this study will be able to provide an intuitive judgment method without explanation of the terms and prove its usefulness in the field of malicious URL detection.

Keywords

References

  1. AhnLab. (2023, July 18). Retrieved November 5, 2023, from https://www.ahnlab.com/ko/contents/content-center/33769
  2. Han, C. R., Yun, S. H., Han, M. J., & Lee, I. G. (2022). Machine Learning-Based Malicious URL Detection Technique. Journal of the Korea Institute of Information Security & Cryptology, 32(3), 555-564.
  3. Jang, J. Y., Lim, K. D., & Lee, S. J. (2022). An Harmful site collection system using Characteristic of HTML and URL. Journal of Digital Forensics, 16(1), 54-63. https://doi.org/10.22798/KDFS.2022.16.1.54
  4. Kang, H. K., Shin, S. S., Kim, D. Y., & Park, S. T. (2020). Design and Implementation of Malicious URL Prediction System based on Multiple Machine Learning Algorithms. Journal of Korea Multimedia Society, 23(11), 1396-1405.
  5. Kim, B. M., Han, Y. W., Kim, G. Y., Kim, Y. B., & Kim, H. J. (2020). Development of Rule-Based Malicious URL Detection Library Considering User Experiences*. Journal of the Korea Institute of Information Security & Cryptology, 30(3), 481-491.
  6. Kim, J. K., Jang, M. H., Lim, S. N., & Kim, M. S. (2021). A Study on the Detection Method of Malicious URLs based on the Internet Search Engines using the Machine Learning. The transactions of The Korean Institute of Electrical Engineers, 70(1), 114-120, 10.5370/KIEE.2021.70.1.114
  7. Kim, Y. J., & Lee, J. W. (2022). Development of a Malicious URL Machine Learning Detection Model Reflecting the Main Feature of URLs. Journal of the Korea Institute of Information and Communication Engineering, 26(12), 1786-1793.
  8. KOSIS. (2023, March 7). Retrieved November 3, 2023, from https://kostat.go.kr/ansk/
  9. KOSIS. (2023, August 25). Retrieved November 7, 2023, from https://kosis.kr/index/index.do
  10. Microsoft. (2023, December 6). Retrieved December 10, 2023, from https://learn.microsoft.com/ko-kr/azure/machinelearning/overview-what-is-azure-machinelearning?view=azureml-api-2