SVM And Neural Network Based URL Safety Detection

With the rapid development of mobile Internet,there has been more and more worldwide fraudulent and destructive Internet criminal acts,including the spread of malicious softwares,sale of counterfeit and shoddy goods,carrying out online fraud activities,while phishing behavior is the most serious criminal activity.Phishing is a kind of network attack,which lures Internet users into disclosing personal information via e-mail fraud and forgery sites,seriously affects the healthy development of Internet banking and e-commerce.The most common way to fight against phishing attacks is setting URL(Unifonn Resource Locator)blacklist.It blocks user's access to the website if the URL of the site is included in the blacklist.URL blacklist detection is simple and easy to implement,though it has some weakness,such as low recall rate and poor timeliness.To solve the problems above,this paper analyzes the current phishing sit-uation and the security requirements firstly.Next,introduce SVM and neural network algorithms and presents a hybrid-classifier based malicious URL di-vision mechanism to overcome the shortcomings of traditional URL blacklist detecting mechanisms.This mechanism takes full advantage of site's URL fea-tures,uses several classifiers to detect the URL safety respectively,and lets de-cider determines whether the site is malicious.The simulation results show that the hybrid classifer based URL security judgement mechanism has a high ac-curacy,which stably maintains in the range near 95%,and its accuracy doesn't change much with the various proportion of positive and negative examples in training set.Furthemore,the time and space consumption of URL detection mechanism based on security features is less than content-based security detection methods.Finally,to apply the theoretical results of this research into practice,this paper designs a concurrent URL security detection system under a distributed C/S architec-ture.The system is able to pretreat URL to remove confusion brought by URL noise,and use blacklists and whitelists for URL filtering,as well as quickly and efficiently test high frequency URL.This mechanism can rapidly detect known URLs while effectivly testing unknown URL,which can protect the user's network security.We further design artificial feedback upgrade module so that the blacklist,the whitelist and the decision model of the whole system can be updated in real time.So,this module can expand and improve the over-all performance of the system.Compare to traditional stand-alone systems,the distributed system designed herein,enhances the flexibility and availability of whole URL security detection system,and can be widely used in various client terminals and network applications to improve network security management capabilities.