Detecting Malicious URLs via a Keyword-Based Convolutional Gated-Recurrent-Unit Neural Network

• Main Authors: Wenchuan Yang, Wen Zuo, Baojiang Cui
• Format: Article
• Language: English
• Published: IEEE 2019-01-01
• Series: IEEE Access
• Subjects: Gated recurrent unit (GRU); malicious URL detection; network attack; character-level embedding; convolutional neural network; neural network model
• Online Access: https://ieeexplore.ieee.org/document/8629082/

With the continuous development of Web attacks, many web applications have been suffering from various forms of security threats and network attacks. The security detection of URLs has always been the focus of Web security. Many web application resources can be accessed by simply entering an URL or clicking a link in the browser. An attacker can construct various web attacks such as SQL, XSS, and information disclosure by embedding executable code or injecting malicious code into the URL. Therefore, it is necessary to improve the reliability and security of web applications by accurately detecting malicious URLs. This paper designs a convolutional gated-recurrent-unit (GRU) neural network for the detection of malicious URLs detection based on characters as text classification features. Considering that malicious keywords are unique to URLs, a feature representation method of URLs based on malicious keywords is proposed, and a GRU is used in place of the original pooling layer to perform feature acquisition on the time dimension, resulting in high-accuracy multicategory results. The experimental results show that our proposed neural network detection model is very suitable for high-precision classification tasks. Compared with other classification models, the model accuracy rate is above 99.6%. The use of deep learning to classify URLs to identify Web visitors' intentions has important theoretical and scientific values for Web security research, providing new ideas for intelligent security detection.