期刊文献+

基于CNN和多分类器的恶意URLs检测 被引量:2

Malicious URLs detection based on CNN and multiple classifiers
下载PDF
导出
摘要 基于特征提取的恶意URLs的检测方法中,人工提取规则的设计依赖于丰富的专家知识以及大量的数据分析,同时规则的设计与更新需要消耗大量的人力与时间。针对以上问题,提出一种基于卷积神经网络的URLs特征自动提取方法。通过数据预处理与模型训练,实现对URLs特征的自动学习,完成提取规则的自动设计与更新。通过收敛的模型完成URLs特征的自动提取,结合J48、随机森林、支持向量机等多种分类方法对提取结果进行验证。实验结果表明,训练的模型可以自动设计和更新特征提取规则,提取的特征具有良好的区分能力及普适性。多分类器的平均准确率超过了97%,最高达到了99.2%,FPR低至0.01。 For malicious URLs detection methods based on features extraction,manual design rules depend on abundant expert knowledge and large amount of data analysis.Meanwhile designing and updating rules may cost a lot of manpower and time.To solve the problems,a URLs features extraction method based on convolutional neural network was proposed.Automatic features learning of URLs and extraction rules designing and updating were achieved by preprocessing data and training model.URLs features were extracted automatically using trained model and the features extracted were evaluated using models including J48,random forest,SVM and other classifiers.The results show that,the trained model can design and update features extraction rules automatically and the features extracted show excellent distinguishability and universality.The average precision of all classifiers reaches 97%,the maximum precision is 99.2% and FPR is as low as 0.01.
作者 张慧 钱丽萍 汪立东 袁辰 张婷 ZHANG Hui;QIAN Li-ping;WANG Li-dong;YUAN Chen;ZHANG Ting(College of Electrical and Information Engineering,Beijing University of Civil Engineering And Architecture,Beijing 100044,China;Engineering Division,National Computer Network Emergency Response Technical Team/Coordination Center of China,Beijing 100029,China)
出处 《计算机工程与设计》 北大核心 2019年第10期2991-2995,3019,共6页 Computer Engineering and Design
基金 国家自然科学基金项目(61571144) 北京建筑大学研究生创新基金项目(PG2018070)
关键词 网络安全 恶意URLs 特征自动提取 卷积神经网络 机器学习 network security malicious URLs automatic features extraction CNN machine learning
  • 相关文献

参考文献2

二级参考文献23

  • 1YADAV S,REDDY A K,RANJAN S.Detecting algorithmically generated malicious domain names. Proceedings of the 10th ACM SIGCOMM Conference on Internet Measurement . 2010
  • 2THOMAS K,GRIER C,MA J,et al.Design and evaluation of a real-time url spam filtering service. Proceedings of the 2011 IEEE Symposium on Security and Privacy . 2011
  • 3MA J,SAUL L K,SAVAGE S,et al.Identifying suspicious URLs:an application of large-scale online learning. Proceedings of the 26th International Conference on Machine Learning . 2009
  • 4MA J,SAUL L K,SAVAGE S,et al.Beyond blacklists:learning to detect malicious Web sites from suspicious URLs. Proceedings of the 15th ACM SIGKDD Conference on Knowledge Discovery and Data Mining . 2009
  • 5GARERA S,PROVOS N,CHEW M.A framework for detection and measurement of phishing attacks. Proceedings of 5th ACM Workshop on Recurring Malcode . 2007
  • 6Han J W,Kamber M,Pei J.Data Mining Concepts and Techniques. . 2012
  • 7Phillip Porras,Hassen Saidi,Vinod Yegneswaran.'Conficker C P2P protocol and implementation,'. SRI International , Tech. Rep . 2009
  • 8PROVOS N,MAVROMMATIC P,RAJAB M A,et al.All your iframes point to us. Proceedings of the 17th Usenix Security Symposium . 2008
  • 9LIKARISH P,JUNG E.Leveraging Google safe browsing to characterize Web-based attacks. . 2009
  • 10PRAKASH P,KUMAR M,KOMPELLA R R,et al.Phishnet:predictive blacklisting to detect phishing attacks. Proceedings of IEEE International Conference on Computer Communications . 2010

共引文献16

同被引文献10

引证文献2

二级引证文献2

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部