Detection of Forwarding-Based Malicious URLs in Online Social Networks

Abstract

In recent years, online social networks (OSNs), such as Facebook, Twitter and Sina Weibo, have become extremely popular among Internet users. Unfortunately, attackers also utilize them to hide malicious attacks. Due to the significance of detecting malicious URLs in OSNs, multiple solutions have been offered by OSN operators, security companies, and academic researchers. Most of these solutions use machine-learning methods to train classification models based on different kinds of feature sets. However, most are ineffective because their selected features are conventional. In this paper, we focus on forwarding-based features because of the special connections between forwarding behavior and the propagation of malicious URLs. First, we conduct a comprehensive analysis of conventional URL feature sets. Then, we design some forwarding-based features and choose several graph-based features to combine with them in order to train a detection model. We evaluate the system using about 100,000 original messages collected from Sina Weibo, which is the largest OSN website in China. The high accuracy rate and low false positive rate show that forwarding-based features are much more effective in detecting malicious URLs in OSNs than are other more conventional features. To the best of our knowledge, this work is the first to analyze forwarding-based features in OSNs and offers a valuable contribution to this area of research.