ABSTRACTS OF ARTICLES OF THE JOURNAL "INFORMATION TECHNOLOGIES".
No. 11. Vol. 25. 2019

DOI: 10.17587/it.25.691-697

A. B. Menisov, Ph. D., Scientist of Military Researching Department, e-mail: men.arty@yandex.ru, I. À. Shastun, Ph. D., Lecturer, e-mail: shastunivan1982@gmail.com, Space military academy named by A. F. Mozhaysky, Saint-Petersburg, S. U. Kapitsin, Ph. D., e-mail: wolf76@inbox.ru, Military Academy of the General Staff, Moscow

The Approach of Detecting Malicious Internet Sites Based on the Processing of Lexical Attributes of Addresses (URLs) and Averaged Ensemble of Models

Currently, the detection and blocking of access to malicious Internet sites is performed mainly by including URLs in blacklists. However, blacklists cannot be exhaustive, and they cannot be used to identify newly created malicious sites. The purpose of the article is to develop a new approach to detect malicious sites based on the average ensemble of models, allowing to improve the accuracy of detection. The developed approach, compared to modern technical solutions in the field of information security, takes into account the lexical features of the address bar (URL) of malicious sites that attackers try to modify to the address of a well-known or secure site. Also, the authors compare the results of identifying malicious URLs obtained by modern and developed approaches. The article will be useful not only to researchers in the field of machine learning, but also to experts in the cybersecurity industry.
Keywords: information security, malicious websites, machine learning

P. 691–697

To the contents