<p>Phishing and malicious website attacks have become increasingly complex, highlighting the need for effective security mechanisms. This paper presents Yaqeen, a novel URL security framework that employs a Zero-Tolerance Policy to detect malicious URLs. Unlike traditional machine learning approaches that require continuous retraining, Yaqeen utilizes the collective intelligence of over 90 security engines through the VirusTotal API. This approach allows for high-confidence assessments of URLs. In our framework, a URL is classified as unsafe if any single trusted security engine identifies it as malicious, suspicious, or associated with phishing. That is, we prioritize user protection by significantly reducing the risk of false negatives. We evaluated Yaqeen’s performance using three diverse datasets: PhishStorm, PhiUSIIL, and the UNB URL. The results show excellent performance, with an average accuracy of 93.36%, precision of 92.73%, recall of 93.83%, and an F1-score of 93.20%. The architectural simplicity of Yaqeen, combined with its strong detection capabilities and minimal maintenance requirements, makes it a practical solution for environments where failures to detect a single threat can have severe consequences.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Yaqeen: a zero-tolerance framework for efficient and reliable URL security verification

  • Maher Alharby

摘要

Phishing and malicious website attacks have become increasingly complex, highlighting the need for effective security mechanisms. This paper presents Yaqeen, a novel URL security framework that employs a Zero-Tolerance Policy to detect malicious URLs. Unlike traditional machine learning approaches that require continuous retraining, Yaqeen utilizes the collective intelligence of over 90 security engines through the VirusTotal API. This approach allows for high-confidence assessments of URLs. In our framework, a URL is classified as unsafe if any single trusted security engine identifies it as malicious, suspicious, or associated with phishing. That is, we prioritize user protection by significantly reducing the risk of false negatives. We evaluated Yaqeen’s performance using three diverse datasets: PhishStorm, PhiUSIIL, and the UNB URL. The results show excellent performance, with an average accuracy of 93.36%, precision of 92.73%, recall of 93.83%, and an F1-score of 93.20%. The architectural simplicity of Yaqeen, combined with its strong detection capabilities and minimal maintenance requirements, makes it a practical solution for environments where failures to detect a single threat can have severe consequences.