Cargando…
BERT-Based Approaches to Identifying Malicious URLs
Malicious uniform resource locators (URLs) are prevalent in cyberattacks, particularly in phishing attempts aimed at stealing sensitive information or distributing malware. Therefore, it is of paramount importance to accurately detect malicious URLs. Prior research has explored the use of deep-learn...
Autores principales: | , |
---|---|
Formato: | Online Artículo Texto |
Lenguaje: | English |
Publicado: |
MDPI
2023
|
Materias: | |
Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC10610561/ https://www.ncbi.nlm.nih.gov/pubmed/37896591 http://dx.doi.org/10.3390/s23208499 |
_version_ | 1785128285019045888 |
---|---|
author | Su, Ming-Yang Su, Kuan-Lin |
author_facet | Su, Ming-Yang Su, Kuan-Lin |
author_sort | Su, Ming-Yang |
collection | PubMed |
description | Malicious uniform resource locators (URLs) are prevalent in cyberattacks, particularly in phishing attempts aimed at stealing sensitive information or distributing malware. Therefore, it is of paramount importance to accurately detect malicious URLs. Prior research has explored the use of deep-learning models to identify malicious URLs, using the segmentation of URL strings into character-level or word-level tokens, and embedding and employing trained models to differentiate between URLs. In this study, a bidirectional encoder representation from a transformers-based (BERT) model was devised to tokenize URL strings, employing its self-attention mechanism to enhance the understanding of correlations among tokens. Subsequently, a classifier was employed to determine whether a given URL was malicious. In evaluating the proposed methods, three different types of public datasets were utilized: a dataset consisting solely of URL strings from Kaggle, a dataset containing only URL features from GitHub, and a dataset including both types of data from the University of New Brunswick, namely, ISCX 2016. The proposed system achieved accuracy rates of 98.78%, 96.71%, and 99.98% on the three datasets, respectively. Additionally, experiments were conducted on two datasets from different domains—the Internet of Things (IoT) and Domain Name System over HTTPS (DoH)—to demonstrate the versatility of the proposed model. |
format | Online Article Text |
id | pubmed-10610561 |
institution | National Center for Biotechnology Information |
language | English |
publishDate | 2023 |
publisher | MDPI |
record_format | MEDLINE/PubMed |
spelling | pubmed-106105612023-10-28 BERT-Based Approaches to Identifying Malicious URLs Su, Ming-Yang Su, Kuan-Lin Sensors (Basel) Article Malicious uniform resource locators (URLs) are prevalent in cyberattacks, particularly in phishing attempts aimed at stealing sensitive information or distributing malware. Therefore, it is of paramount importance to accurately detect malicious URLs. Prior research has explored the use of deep-learning models to identify malicious URLs, using the segmentation of URL strings into character-level or word-level tokens, and embedding and employing trained models to differentiate between URLs. In this study, a bidirectional encoder representation from a transformers-based (BERT) model was devised to tokenize URL strings, employing its self-attention mechanism to enhance the understanding of correlations among tokens. Subsequently, a classifier was employed to determine whether a given URL was malicious. In evaluating the proposed methods, three different types of public datasets were utilized: a dataset consisting solely of URL strings from Kaggle, a dataset containing only URL features from GitHub, and a dataset including both types of data from the University of New Brunswick, namely, ISCX 2016. The proposed system achieved accuracy rates of 98.78%, 96.71%, and 99.98% on the three datasets, respectively. Additionally, experiments were conducted on two datasets from different domains—the Internet of Things (IoT) and Domain Name System over HTTPS (DoH)—to demonstrate the versatility of the proposed model. MDPI 2023-10-16 /pmc/articles/PMC10610561/ /pubmed/37896591 http://dx.doi.org/10.3390/s23208499 Text en © 2023 by the authors. https://creativecommons.org/licenses/by/4.0/Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/). |
spellingShingle | Article Su, Ming-Yang Su, Kuan-Lin BERT-Based Approaches to Identifying Malicious URLs |
title | BERT-Based Approaches to Identifying Malicious URLs |
title_full | BERT-Based Approaches to Identifying Malicious URLs |
title_fullStr | BERT-Based Approaches to Identifying Malicious URLs |
title_full_unstemmed | BERT-Based Approaches to Identifying Malicious URLs |
title_short | BERT-Based Approaches to Identifying Malicious URLs |
title_sort | bert-based approaches to identifying malicious urls |
topic | Article |
url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC10610561/ https://www.ncbi.nlm.nih.gov/pubmed/37896591 http://dx.doi.org/10.3390/s23208499 |
work_keys_str_mv | AT sumingyang bertbasedapproachestoidentifyingmaliciousurls AT sukuanlin bertbasedapproachestoidentifyingmaliciousurls |