Deep Reinforcement Learning-based Malicious URL Detection with Feature Selection

2024 IEEE 3rd International Conference on AI in Cybersecurity (ICAIC) Pub Date : 2024-02-07 DOI:10.1109/ICAIC60265.2024.10433827

Antonio Maci, Nicola Tamma, Anthony J. Coscia

{"title":"Deep Reinforcement Learning-based Malicious URL Detection with Feature Selection","authors":"Antonio Maci, Nicola Tamma, Anthony J. Coscia","doi":"10.1109/ICAIC60265.2024.10433827","DOIUrl":null,"url":null,"abstract":"Data theft through web applications that emulate legitimate platforms constitutes a major network security issue. Countermeasures using artificial intelligence (AI)-based systems are often applied because they can effectively detect malicious websites, which are extremely outnumbered by legitimate ones. In this domain, deep reinforcement learning (DRL) emerges as an attractive field for the development of network intrusion detection models, even in the case of highly skewed class distributions. However, DRL requires training time that increases with data complexity. This paper combines a DRL-based classifier with state-of-the-art feature selection techniques to speed up training while retaining or even improving classification performance. Our experiments used the Mendeley dataset and five different statistical and correlation-based feature-ranking strategies. The results indicated that the selection technique based on the calculation of the Gini index reduces the number of columns in the dataset by 27%, saving more than 10% of training time and significantly improving classification scores compared with the case without selection strategies.","PeriodicalId":517265,"journal":{"name":"2024 IEEE 3rd International Conference on AI in Cybersecurity (ICAIC)","volume":"6 3","pages":"1-7"},"PeriodicalIF":0.0000,"publicationDate":"2024-02-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2024 IEEE 3rd International Conference on AI in Cybersecurity (ICAIC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICAIC60265.2024.10433827","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

Data theft through web applications that emulate legitimate platforms constitutes a major network security issue. Countermeasures using artificial intelligence (AI)-based systems are often applied because they can effectively detect malicious websites, which are extremely outnumbered by legitimate ones. In this domain, deep reinforcement learning (DRL) emerges as an attractive field for the development of network intrusion detection models, even in the case of highly skewed class distributions. However, DRL requires training time that increases with data complexity. This paper combines a DRL-based classifier with state-of-the-art feature selection techniques to speed up training while retaining or even improving classification performance. Our experiments used the Mendeley dataset and five different statistical and correlation-based feature-ranking strategies. The results indicated that the selection technique based on the calculation of the Gini index reduces the number of columns in the dataset by 27%, saving more than 10% of training time and significantly improving classification scores compared with the case without selection strategies.

查看原文本刊更多论文

基于深度强化学习的恶意 URL 检测与特征选择

通过仿冒合法平台的网络应用程序窃取数据是一个重大的网络安全问题。基于人工智能（AI）系统的反制措施经常被采用，因为它们可以有效地检测到数量远远多于合法网站的恶意网站。在这一领域，深度强化学习（DRL）成为开发网络入侵检测模型的一个有吸引力的领域，即使在类分布高度倾斜的情况下也是如此。然而，DRL 需要的训练时间会随着数据复杂度的增加而增加。本文将基于 DRL 的分类器与最先进的特征选择技术相结合，在保持甚至提高分类性能的同时加快了训练速度。我们的实验使用了 Mendeley 数据集和五种不同的基于统计和相关性的特征排序策略。结果表明，与不使用选择策略的情况相比，基于基尼指数计算的选择技术减少了 27% 的数据集列数，节省了 10% 以上的训练时间，并显著提高了分类得分。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2024 IEEE 3rd International Conference on AI in Cybersecurity (ICAIC)

自引率

0.00%

发文量