主动识别恶意url的技术研究

2015 17th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing (SYNASC) Pub Date : 2015-09-21 DOI:10.1109/SYNASC.2015.40

Adrian-Stefan Popescu, Dumitru-Bogdan Prelipcean, Dragos Gavrilut

{"title":"主动识别恶意url的技术研究","authors":"Adrian-Stefan Popescu, Dumitru-Bogdan Prelipcean, Dragos Gavrilut","doi":"10.1109/SYNASC.2015.40","DOIUrl":null,"url":null,"abstract":"As most of the malware nowadays use Internet as their main doorway to infect a new system, it has become imperative for security vendors to provide cloud-based solutions that can filter and block malicious URLs. This paper presents different practical considerations related to this problem. The key points that we focus on are the usage of different machine learning techniques and unsupervised learning methods for detecting malicious URLs with respect to memory footprint. The database that we have used in this paper was collected during a period of 48 weeks and consists in approximately 6,000,000 benign and malicious URLs. We also evaluated how detection rate and false positive rate evolved during that period and draw some conclusions related to current malware landscape and Internet attack vectors.","PeriodicalId":6488,"journal":{"name":"2015 17th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing (SYNASC)","volume":"82 1","pages":"204-211"},"PeriodicalIF":0.0000,"publicationDate":"2015-09-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":"{\"title\":\"A Study on Techniques for Proactively Identifying Malicious URLs\",\"authors\":\"Adrian-Stefan Popescu, Dumitru-Bogdan Prelipcean, Dragos Gavrilut\",\"doi\":\"10.1109/SYNASC.2015.40\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"As most of the malware nowadays use Internet as their main doorway to infect a new system, it has become imperative for security vendors to provide cloud-based solutions that can filter and block malicious URLs. This paper presents different practical considerations related to this problem. The key points that we focus on are the usage of different machine learning techniques and unsupervised learning methods for detecting malicious URLs with respect to memory footprint. The database that we have used in this paper was collected during a period of 48 weeks and consists in approximately 6,000,000 benign and malicious URLs. We also evaluated how detection rate and false positive rate evolved during that period and draw some conclusions related to current malware landscape and Internet attack vectors.\",\"PeriodicalId\":6488,\"journal\":{\"name\":\"2015 17th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing (SYNASC)\",\"volume\":\"82 1\",\"pages\":\"204-211\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-09-21\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"9\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2015 17th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing (SYNASC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SYNASC.2015.40\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 17th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing (SYNASC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SYNASC.2015.40","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 9

摘要

由于现在大多数恶意软件都将互联网作为其感染新系统的主要门户，因此安全供应商必须提供基于云的解决方案，以过滤和阻止恶意url。本文提出了与此问题相关的不同实际考虑。我们关注的重点是使用不同的机器学习技术和无监督学习方法来检测相对于内存占用的恶意url。我们在本文中使用的数据库是在48周内收集的，包含大约600万个良性和恶意url。我们还评估了在此期间检测率和假阳性率的演变情况，并得出了与当前恶意软件环境和互联网攻击向量相关的一些结论。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A Study on Techniques for Proactively Identifying Malicious URLs

As most of the malware nowadays use Internet as their main doorway to infect a new system, it has become imperative for security vendors to provide cloud-based solutions that can filter and block malicious URLs. This paper presents different practical considerations related to this problem. The key points that we focus on are the usage of different machine learning techniques and unsupervised learning methods for detecting malicious URLs with respect to memory footprint. The database that we have used in this paper was collected during a period of 48 weeks and consists in approximately 6,000,000 benign and malicious URLs. We also evaluated how detection rate and false positive rate evolved during that period and draw some conclusions related to current malware landscape and Internet attack vectors.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2015 17th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing (SYNASC)

自引率

0.00%

发文量