Efficient segment pattern based method for malicious URL detection
Cite this article: Hai-lun LIN, Yan LI, Wei-ping WANG, Yin-liang YUE, Zheng LIN. Efficient segment pattern based method for malicious URL detection[J]. Journal on Communications, 2015, 36(Z1): 141-148. DOI: 10.11959/j.issn.1000-436x.2015293
Authors: Hai-lun LIN, Yan LI, Wei-ping WANG, Yin-liang YUE, Zheng LIN
Affiliation: 1. Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China; 2. National Computer Network Emergency Response and Coordination Center, Beijing 100029, China
Funding: National High Technology Research and Development Program of China ("863" Program) (Y370041101); National Natural Science Foundation of China (61174152, 61303056, 61402464, 61502478)
Abstract: An efficient segment pattern based method for detecting malicious URLs is proposed. First, it parses annotated malicious URLs into three semantic segments: the domain segment, the path segment and the file segment. Second, it quickly calculates the pattern of each semantic segment by building an inverted index whose terms are tri-grams. Finally, it decides whether a given URL is malicious based on the segment patterns returned by searching the inverted index. Moreover, the method also supports a Jaccard based random domain name identification technique for deciding malicious URLs that contain a random domain name. Experimental results show that the proposed method outperforms the state-of-the-art baseline methods and achieves good efficiency and scalability on malicious URL detection.

Keywords: malicious URL; segment pattern; tri-gram; inverted index; random domain name
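
The following sketch illustrates the general idea in the abstract: segment parsing, a tri-gram inverted index and Jaccard similarity. It is an added example, not the paper's algorithm or code. The class and function names, the use of Jaccard as the matching score for every segment, the 0.6 threshold and the two-segment rule are all assumptions, and the sample URLs are constructed on reserved example domains.

```python
from collections import defaultdict
from urllib.parse import urlsplit

def segments(url):
    """Split a URL into the domain, path and file segments named in the abstract."""
    parts = urlsplit(url if "//" in url else "//" + url)
    path, _, fname = parts.path.rpartition("/")
    return {"domain": (parts.hostname or "").lower(),
            "path": path.lower(), "file": fname.lower()}

def trigrams(text):
    """Character tri-grams of a segment, used as index terms."""
    return {text[i:i + 3] for i in range(len(text) - 2)}

class SegmentIndex:
    def __init__(self):
        self.postings = defaultdict(set)  # (segment kind, tri-gram) -> segment ids
        self.grams = []                   # segment id -> tri-gram set

    def add(self, url):
        """Index the three segments of one labelled malicious URL."""
        for kind, text in segments(url).items():
            terms = trigrams(text)
            if terms:
                self.grams.append(terms)
                for t in terms:
                    self.postings[(kind, t)].add(len(self.grams) - 1)

    def similarity(self, kind, text):
        """Best Jaccard score against indexed segments of the same kind."""
        q = trigrams(text)
        # The inverted index limits comparison to segments sharing a tri-gram.
        cands = set().union(*(self.postings.get((kind, t), ()) for t in q))
        return max((len(q & self.grams[c]) / len(q | self.grams[c])
                    for c in cands), default=0.0)

    def score(self, url):
        return {k: self.similarity(k, v) for k, v in segments(url).items()}

    def is_suspicious(self, url, threshold=0.6, min_segments=2):
        # Assumed rule: flag when at least two segments match known patterns,
        # so a fresh random-looking domain alone does not hide the URL.
        return sum(s >= threshold for s in self.score(url).values()) >= min_segments

def build_demo_index():
    """Constructed sample data on reserved example domains, not real indicators."""
    index = SegmentIndex()
    index.add("http://xkqjzv.example.test/wp-content/cache/update.php")
    index.add("http://cdn.badhost.example/images/gate/login.exe")
    return index
```

A URL that swaps in a different random-looking domain but reuses an indexed path and file still scores 1.0 on those two segments and is flagged, while a URL that shares no tri-grams with the index scores 0 on all three.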