SaleSurf - Strengthening the Web's Armour, One URL at a Time - Malicious URL Detection using Machine Learning Models

Abstract

One of the most common cybersecurity vulnerabilities involves malicious websites or URLs. Every year, individuals and organizations suffer major financial losses from using harmful content such as spam, malware, inappropriate advertising, and scams that encourage visitors to cheat. These malicious URLs are often promoted through emails, advertisements, web search results, or links to other websites. Considering how many users click on these malicious URLs, there is an urgent need for a reliable system that can classify and identify dangerous URLs; In particular, phishing, spam and malware attacks are increasing. Data volume, updated attack models and strategies, correlation between URL features, lack of data, inconsistent data and the presence of outliers make the division of labor very difficult. In our research, we focus on negative URL search to gain more insight. Our information is divided into four main categories: phishing, harmless (safe), tampering, and malware. We have collected a large database of 651,191 URLs to support our application. To achieve the goal of identifying and identifying malicious URLs, we use three machine learning algorithms: Random Forest, LightGBM, XGBoost, Logistic Regression, CNN and Ensemble Model.