Deep Reinforcement Learning for Detecting Malicious Websites

Phishing is the simplest form of cybercrime with the objective of baiting people into giving away delicate information such as individually recognizable data, banking and credit card details, or even credentials and passwords. This type of simple yet most effective cyber-attack is usually launched through emails, phone calls, or instant messages. The credential or private data stolen are then used to get access to critical records of the victims and can result in extensive fraud and monetary loss. Hence, sending malicious messages to victims is a stepping stone of the phishing procedure. A \textit{phisher} usually setups a deceptive website, where the victims are conned into entering credentials and sensitive information. It is therefore important to detect these types of malicious websites before causing any harmful damages to victims. Inspired by the evolving nature of the phishing websites, this paper introduces a novel approach based on deep reinforcement learning to model and detect malicious URLs. The proposed model is capable of adapting to the dynamic behavior of the phishing websites and thus learn the features associated with phishing website detection.

[1]  Akbar Siami Namin,et al.  Detecting Web Spams Using Evidence Theory , 2018, 2018 IEEE 42nd Annual Computer Software and Applications Conference (COMPSAC).

[2]  Akbar Siami Namin,et al.  Forecasting Economics and Financial Time Series: ARIMA vs. LSTM , 2018, ArXiv.

[3]  Xiaotie Deng,et al.  Detection of phishing webpages based on visual similarity , 2005, WWW '05.

[4]  Lorrie Faith Cranor,et al.  Cantina: a content-based approach to detecting phishing web sites , 2007, WWW '07.

[5]  Richard S. Sutton,et al.  Reinforcement Learning: An Introduction , 1998, IEEE Trans. Neural Networks.

[6]  Sara Sartoli,et al.  A semantic model for action-based adaptive security , 2017, SAC.

[7]  Akbar Siami Namin,et al.  A Markov Decision Process to Determine Optimal Policies in Moving Target , 2018, CCS.

[8]  Akbar Siami Namin,et al.  Evidence Fusion for Malicious Bot Detection in IoT , 2018, 2018 IEEE International Conference on Big Data (Big Data).

[9]  Yong Chen,et al.  Client-side Straggler-Aware I/O Scheduler for Object-based Parallel File Systems , 2018, Parallel Comput..

[10]  Akbar Siami Namin,et al.  A Comparison of ARIMA and LSTM in Forecasting Time Series , 2018, 2018 17th IEEE International Conference on Machine Learning and Applications (ICMLA).

[11]  Carolyn Penstein Rosé,et al.  CANTINA+: A Feature-Rich Machine Learning Framework for Detecting Phishing Web Sites , 2011, TSEC.

[12]  Akbar Siami Namin,et al.  MalViz: an interactive visualization tool for tracing malware , 2018, ISSTA.

[13]  Shane Legg,et al.  Human-level control through deep reinforcement learning , 2015, Nature.

[14]  Banu Diri,et al.  Machine learning based phishing detection from URLs , 2019, Expert Syst. Appl..

[15]  Fadi A. Thabtah,et al.  Phishing detection based Associative Classification data mining , 2014, Expert Syst. Appl..

[16]  T. L. McCluskey,et al.  An assessment of features related to phishing websites using an automated technique , 2012, 2012 International Conference for Internet Technology and Secured Transactions.

[17]  Akbar Siami Namin,et al.  Defending SDN-based IoT Networks Against DDoS Attacks Using Markov Decision Process , 2018, 2018 IEEE International Conference on Big Data (Big Data).

[18]  Akbar Siami Namin,et al.  A Survey of Privacy Concerns in Wearable Devices , 2018, 2018 IEEE International Conference on Big Data (Big Data).