Spam emails are often used to advertise phishing websites and lure users to visit such sites. URL blacklisting is a widely used technique for blocking malicious phishing websites. To prepare an effective blacklist, it is necessary to analyze possible threats and include the identified malicious sites in the blacklist. However, the number of URLs acquired from spam emails is quite large. Fetchin...

Client-side attacks have become an increasing problem on the Internet today. Malicious web pages launch so-called drive-by-download attacks that are capable to gain complete control of a user’s machine by merely having that user visit a malicious web page. Criminals that are behind the majority of these malicious web pages are highly sensitive to location, language and economic trends to increa...

Different types of malicious attacks have been increasing simultaneously and become a serious issue for cybersecurity. Most leverage domain URLs as an attack communications medium compromise users into victim phishing or spam. We take advantage machine learning methods to detect the maliciousness automatically using three features: DNS-based, lexical, semantic features. The proposed approach ex...

We present Hulk, a dynamic analysis system that detects malicious behavior in browser extensions by monitoring their execution and corresponding network activity. Hulk elicits malicious behavior in extensions in two ways. First, Hulk leverages HoneyPages, which are dynamic pages that adapt to an extension’s expectations in web page structure and content. Second, Hulk employs a fuzzer to drive t...

Convolutional neural network based on attention mechanism and a bidirectional independent recurrent tandem joint algorithm (CATIR) are proposed. In natural language processing related technologies, word vector features extracted URLs, the URL information host merged. The proposed CATIR uses CNN (Convolutional Neural Network) to obtain deep local in data, Attention adjust weights, IndRNN (Indepe...

Deceitful and malicious web sites pretense significant danger to desktop security, integrity and privacy. Malicious web pages that use drive-by download attacks or social engineering techniques to install unwanted software on a user‘s computer have become the main opportunity for the proliferation of malicious code. Detection of malicious URL has become difficult because of the phishing campaig...

Malicious URLs host unsolicited content and are used to perpetrate cybercrimes. It is imperative to detect them in a timely manner. Traditionally, this is done through the usage of blacklists, which cannot be exhaustive, and cannot detect newly generated malicious URLs. To address this, recent years have witnessed several efforts to perform Malicious URL Detection using Machine Learning. The mo...

Mobile deep links are URIs that point to specific locations within apps, which are instrumental to web-to-app communications. Existing “scheme URLs” are known to have hijacking vulnerabilities where one app can freely register another app’s schemes to hijack the communication. Recently, Android introduced two new methods “App links” and “Intent URLs” which were designed with security features, ...

Network information security risks multiply and become more dangerous. Hackers today generally target end-to-end technology take advantage of human weaknesses. Furthermore, hackers weaknesses by applying various methods to attack. Nowadays, one the greatest dangers modern digital world is malicious URLs, stopping them biggest challenges in field cyber security. Detecting harmful URLs using mach...

Facebook is the world’s largest Online Social Network, having more than 1 billion users. Like most social networks, Facebook is home to various categories of hostile entities who abuse the platform by posting malicious content. In this chapter, we identify and characterize Facebook pages that engage in spreading URLs pointing to malicious domains. We revisit the scope and definition of what is ...