A multistage verification method for malicious URL detection using feature selection heuristic rules and machine learning
摘要
Malicious Uniform Resource Locators (URLs) have always been used to conduct cyberattacks. Existing malicious URL detection methods are facing challenges in maintaining high detection accuracy, adapting to evolving attack patterns, and relying on unoptimized feature sets. This paper proposes VERIFY, a multistage verification method for malicious URL detection that integrates a feature selection method, data-driven heuristic rules, and a machine learning classifier to address the challenges found in existing studies. In the proposed method, the feature selection method will reduce feature dimensionality by removing irrelevant and less informative features, and the heuristic rule with data-driven, statistically derived thresholds identify obvious malicious URL patterns before verification by a machine learning classifier. Accuracy, precision, recall (TPR), false positive rate (FPR), false negative rate (FNR), true negative rate (TNR), and F1-score were used to evaluate the proposed method. Through evaluation, the proposed method achieved accuracy of 0.9906, FPR of 0.0031, and FNR of 0.0215. These results confirm that the proposed method significantly improves malicious URL detection performance while minimizing misclassification rates.