In order to increase the accuracy of threat detection for malicious URLs, this paper proposes an improved feature extraction methodology. High false positive rates are a common consequence of traditional detection systems’ restricted feature sets. The suggested method extracts a wide variety of lexical, host-based, content-based, and character-level n-gram features in order to solve this. While host-based qualities offer contextual information like domain age and DNS validity, lexical features record structural irregularities. While n-gram features identify obfuscation through frequent character sequences, content-based features—such as login indicators, file extensions, and JavaScript references—reflect behavioral patterns. According to correlation analysis, the majority of traits are still weakly associated, providing a variety of complementary signals, even while some are strongly related. By properly recognizing benign URLs with 100% confidence, the suggested model showed dependable real-time prediction and obtained a high accuracy of 98.50% in detecting dangerous URLs.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Enhanced Feature Extraction for Phishing URL Detection: A Comprehensive Analysis of Structural, Host-Based, Content and N-Gram Attributes

  • Lokesh Khedekar,
  • Suvarna Pawar

摘要

In order to increase the accuracy of threat detection for malicious URLs, this paper proposes an improved feature extraction methodology. High false positive rates are a common consequence of traditional detection systems’ restricted feature sets. The suggested method extracts a wide variety of lexical, host-based, content-based, and character-level n-gram features in order to solve this. While host-based qualities offer contextual information like domain age and DNS validity, lexical features record structural irregularities. While n-gram features identify obfuscation through frequent character sequences, content-based features—such as login indicators, file extensions, and JavaScript references—reflect behavioral patterns. According to correlation analysis, the majority of traits are still weakly associated, providing a variety of complementary signals, even while some are strongly related. By properly recognizing benign URLs with 100% confidence, the suggested model showed dependable real-time prediction and obtained a high accuracy of 98.50% in detecting dangerous URLs.