![]() Attackers spread fake information and advertisements to attract users to visit malicious websites. Moreover, according to Google’s safe browsing report, there were two million phishing websites in September 2020, an increase of nearly 2800% compared with the number in September 2010. A malicious website contains content that can be harmful such as malware or phishing attacks infecting the visitors’ smart devices with malware without user interaction, such as clicking or downloading, with the website.Īccording to, 18.5 million websites are infected by malware. ![]() Malicious websites are the primary attack vector that is used by cybercriminals to spread malware and archive attackers’ objectives. However, the Internet brings many cyber threats such as malware, spamming, phishing, financial fraud, information theft, and data sabotage. Most businesses shifted online due to the availability of reliable infrastructures such as cloud storage, cost-effective platforms, and a large target market. Due to the proliferation of mobile devices, ad hoc networks, smart sensors, and the Internet of Things technologies fueled by the imposed lockdown to mitigate the COVID-19 pandemic, the Internet has become an essential part of people’s daily lives and activities worldwide. Recently, the number of users surfing the Internet has increased exponentially. The proposed CTI-based detection model achieved a 7.8% accuracy improvement and 6.7% reduction in false-positive rates compared with the traditional URL-based model. Results show that the extracted CTI-based features with the two-stage classification outperform other studies’ detection models. The probabilistic output of the weak classifiers of the random forest was aggregated and used as input for the MLP classifier for adequate classification. The trained MLP classifier has replaced the majority voting scheme of the three trained random forest classifiers for decision making. ![]() The study also proposed a two-stage ensemble learning model that combines the random forest (RF) algorithm for preclassification with multilayer perceptron (MLP) for final decision making. ![]() Therefore, cyber threat intelligence-based (CTI) features extracted from Google searches and Whois websites are used to improve detection performance. Cybersecurity analysts and users reports around the globe can provide important information regarding malicious websites. The cyber threat intelligence-based features are extracted from web searches to improve detection accuracy. This study aims at improving the detection accuracy of malicious URL detection by designing and developing a cyber threat intelligence-based malicious URL detection model using two-stage ensemble learning. However, the detection of malicious URLs is still not well addressed due to insufficient features and inaccurate classification. Detecting malicious Uniform Resource Locators (URLs) is safer and more efficient than content analysis. However, most existing solutions rely on extracting features from the website’s content which can be harmful to the detection machines themselves and subject to obfuscations. Detecting malicious websites is essential to prevent the spreading of malware and protect end-users from being victims. However, many of these applications are either vulnerable to web defacement attacks or created and managed by hackers such as fraudulent and phishing websites. Billions of users are visiting these applications to accomplish their daily tasks. Web applications have become ubiquitous for many business sectors due to their platform independence and low operation cost.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |