Skip to main navigation menu Skip to main content Skip to site footer

Articles

Vol. 5 No. 2, Dec. 2017

Detecting Malicious and Compromised URLs in E-Mails Using Association Rule

  • Nureni Ayofe Azeez
  • Emilia Anochirionye
Submitted
December 20, 2017
Published
2017-12-21

Abstract

The rate of cybercrime is on the rise as more people embrace technology in their different spheres of live. Hackers are daily exploiting the anonymity and speed which the internet offers to lure unsuspecting victims into disclosing personal and confidential information through social engineering, phishing mails and sites and promises of great rewards which are never received. Thus resulting in great loss of property, finances, life, etc. and harm to their victims.  This research work seeks to evaluate ways of protecting users from malicious Uniform Resource Locators (URLs) embedded in the emails they receive. The aim is to evaluate ways of identifying malicious URLs in emails by classifying them based on their lexical and hostname features. This study is conducted by extracting features from URLs sourced from phishing tank and DMOZ and adopting Association Rule of classification in building a URL classifier that analyzed extracted features of  a URL and use it in predicting if it is malicious or not.  0.546 level of accuracy and an error rate of 0.484 was achieved as multiple URL features were employed in the classification process.