摘要
恶意URL检测始终是Web安全领域的研究热点.提出了恶意URL多级检测过滤模型,共分成4层过滤器:黑白名单过滤器、朴素贝叶斯过滤器、CART决策树过滤器和支持向量机过滤器.对多层过滤模型的几个关键策略进行了讨论,包括过滤器层的投票策略、过滤器顺序策略以及过滤阈值的调优策略.过滤器投票策略中讨论了单独投票、并行投票和加权并行投票3种投票方法,过滤器顺序策略讨论了4种过滤器的先后顺序,过滤器阈值策略讨论了过滤阈值的确定方法.通过实验验证了多层过滤检测模型中以上策略讨论结果的有效性,根据实验结果实现了Web应用.
Malicious URL detection is always a hot research topic in the field of Web security. This paper proposes a malicious URL multi-level filtering detection model. This model contains 4 layers of filter: black and white list filter, Naive Bayesian filter, CART decision tree filter and Support Vector Machine filter. In this paper several key strategies of multilayer filtering model are discussed, including support vector machine filter layer voting strategy; filter order strategy and filtering threshold tuning strategy. Filter voting strategies are discussed in separate voting, parallel voting and weighted parallel voting three voting methods. The filter order strategy discusses the order of the four filters. Filter threshold strategy discusses the method of determining the threshold of the filter. The validity of the above methods is verified by experiments. According to the experimental results, this paper implements a Web application.
出处
《信息安全研究》
2016年第1期80-85,共6页
Journal of Information Security Research
基金
国家自然科学基金项目(61272513)
北京市科委重大项目子课题(D151100004215003)
关键词
恶意URL
投票策略
机器学习
分类算法
多层过滤模型
malicious URL
voting strategy
machine learning
classification algorithm
multi layer filtering model
