Yaqeen: a zero-tolerance framework for efficient and reliable URL security verification
摘要
Phishing and malicious website attacks have become increasingly complex, highlighting the need for effective security mechanisms. This paper presents Yaqeen, a novel URL security framework that employs a Zero-Tolerance Policy to detect malicious URLs. Unlike traditional machine learning approaches that require continuous retraining, Yaqeen utilizes the collective intelligence of over 90 security engines through the VirusTotal API. This approach allows for high-confidence assessments of URLs. In our framework, a URL is classified as unsafe if any single trusted security engine identifies it as malicious, suspicious, or associated with phishing. That is, we prioritize user protection by significantly reducing the risk of false negatives. We evaluated Yaqeen’s performance using three diverse datasets: PhishStorm, PhiUSIIL, and the UNB URL. The results show excellent performance, with an average accuracy of 93.36%, precision of 92.73%, recall of 93.83%, and an F1-score of 93.20%. The architectural simplicity of Yaqeen, combined with its strong detection capabilities and minimal maintenance requirements, makes it a practical solution for environments where failures to detect a single threat can have severe consequences.