使用字节袋对URL位流进行分类

2018 21st Conference on Innovation in Clouds, Internet and Networks and Workshops (ICIN) Pub Date : 2018-02-01 DOI:10.1109/ICIN.2018.8401597

K. Shima, Daisuke Miyamoto, Hiroshi Abe, Tomohiro Ishihara, Kazuya Okada, Y. Sekiya, H. Asai, Yusuke Doi

{"title":"使用字节袋对URL位流进行分类","authors":"K. Shima, Daisuke Miyamoto, Hiroshi Abe, Tomohiro Ishihara, Kazuya Okada, Y. Sekiya, H. Asai, Yusuke Doi","doi":"10.1109/ICIN.2018.8401597","DOIUrl":null,"url":null,"abstract":"Protecting users from accessing malicious web sites is one of the important management tasks for network operators. There are many open-source and commercial products to control web sites users can access. The most traditional approach is blacklist-based filtering. This mechanism is simple but not scalable, though there are some enhanced approaches utilizing fuzzy matching technologies. Other approaches try to use machine learning (ML) techniques by extracting features from URL strings. This approach can cover a wider area of Internet web sites, but finding good features requires deep knowledge of trends of web site design. Recently, another approach using deep learning (DL) has appeared. The DL approach will help to extract features automatically by investigating a lot of existing sample data. Using this technique, we can build a flexible filtering decision module by keep teaching the neural network module about recent trends, without any specific expert knowledge of the URL domain. In this paper, we apply a mechanical approach to generate feature vectors from URL strings. We implemented our approach and tested with realistic URL access history data taken from a research organization and data from the famous archive site of phishing site information, PhishTank.com. Our approach achieved 2∼3% better accuracy compared to the existing DL- based approach.","PeriodicalId":103076,"journal":{"name":"2018 21st Conference on Innovation in Clouds, Internet and Networks and Workshops (ICIN)","volume":"28 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"17","resultStr":"{\"title\":\"Classification of URL bitstreams using bag of bytes\",\"authors\":\"K. Shima, Daisuke Miyamoto, Hiroshi Abe, Tomohiro Ishihara, Kazuya Okada, Y. Sekiya, H. Asai, Yusuke Doi\",\"doi\":\"10.1109/ICIN.2018.8401597\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Protecting users from accessing malicious web sites is one of the important management tasks for network operators. There are many open-source and commercial products to control web sites users can access. The most traditional approach is blacklist-based filtering. This mechanism is simple but not scalable, though there are some enhanced approaches utilizing fuzzy matching technologies. Other approaches try to use machine learning (ML) techniques by extracting features from URL strings. This approach can cover a wider area of Internet web sites, but finding good features requires deep knowledge of trends of web site design. Recently, another approach using deep learning (DL) has appeared. The DL approach will help to extract features automatically by investigating a lot of existing sample data. Using this technique, we can build a flexible filtering decision module by keep teaching the neural network module about recent trends, without any specific expert knowledge of the URL domain. In this paper, we apply a mechanical approach to generate feature vectors from URL strings. We implemented our approach and tested with realistic URL access history data taken from a research organization and data from the famous archive site of phishing site information, PhishTank.com. Our approach achieved 2∼3% better accuracy compared to the existing DL- based approach.\",\"PeriodicalId\":103076,\"journal\":{\"name\":\"2018 21st Conference on Innovation in Clouds, Internet and Networks and Workshops (ICIN)\",\"volume\":\"28 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-02-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"17\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2018 21st Conference on Innovation in Clouds, Internet and Networks and Workshops (ICIN)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICIN.2018.8401597\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 21st Conference on Innovation in Clouds, Internet and Networks and Workshops (ICIN)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICIN.2018.8401597","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 17

摘要

防止用户访问恶意网站是网络运营商的重要管理任务之一。有许多开源和商业产品来控制用户可以访问的网站。最传统的方法是基于黑名单的过滤。这种机制很简单，但不可扩展，尽管有一些利用模糊匹配技术的增强方法。其他方法尝试通过从URL字符串中提取特征来使用机器学习(ML)技术。这种方法可以覆盖更广泛的互联网网站，但是找到好的功能需要对网站设计趋势有深入的了解。最近，另一种使用深度学习(DL)的方法出现了。深度学习方法将通过调查大量现有样本数据来帮助自动提取特征。使用这种技术，我们可以通过不断地向神经网络模块教授最近的趋势来构建一个灵活的过滤决策模块，而不需要任何特定的URL域专家知识。在本文中，我们采用机械方法从URL字符串生成特征向量。我们实施了我们的方法，并使用来自研究机构的真实URL访问历史数据和来自著名的钓鱼网站信息存档网站PhishTank.com的数据进行了测试。与现有的基于深度学习的方法相比，我们的方法的准确率提高了2 ~ 3%。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Classification of URL bitstreams using bag of bytes

Protecting users from accessing malicious web sites is one of the important management tasks for network operators. There are many open-source and commercial products to control web sites users can access. The most traditional approach is blacklist-based filtering. This mechanism is simple but not scalable, though there are some enhanced approaches utilizing fuzzy matching technologies. Other approaches try to use machine learning (ML) techniques by extracting features from URL strings. This approach can cover a wider area of Internet web sites, but finding good features requires deep knowledge of trends of web site design. Recently, another approach using deep learning (DL) has appeared. The DL approach will help to extract features automatically by investigating a lot of existing sample data. Using this technique, we can build a flexible filtering decision module by keep teaching the neural network module about recent trends, without any specific expert knowledge of the URL domain. In this paper, we apply a mechanical approach to generate feature vectors from URL strings. We implemented our approach and tested with realistic URL access history data taken from a research organization and data from the famous archive site of phishing site information, PhishTank.com. Our approach achieved 2∼3% better accuracy compared to the existing DL- based approach.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2018 21st Conference on Innovation in Clouds, Internet and Networks and Workshops (ICIN)

自引率

0.00%

发文量