@inproceedings{e3a1d62d7cec4a47bb049057569df751,
title = "Malicious URL detection based on Kolmogorov complexity estimation",
abstract = "Malicious URL detection has drawn a significant research attention in recent years. It is helpful if we can simply use the URL string to make precursory judgment about how dangerous a website is. By doing that, we can save efforts on the website content analysis and bandwidth for content retrieval. We propose a detection method that is based on an estimation of the conditional Kolmogorov complexity of URL strings. To overcome the incomputability of Kolmogorov complexity, we adopt a compression method for its approximation, called conditional Kolmogorov measure. As a single significant feature for detection, we can achieve a decent performance that can not be achieved by any other single feature that we know. Moreover, the proposed Kolmogorov measure can work together with other features for a successful detection. The experiment has been conducted using a private dataset from a commercial company which can collect more than one million unclassified URLs in a typical hour. On average, the proposed measure can process such hourly data in less than a few minutes.",
keywords = "blacklist, compression, entropy, Kolmogorov complexity, malicious URL",
author = "Pao, {Hsing Kuo} and Chou, {Yan Lin} and Yuh-Jye Lee",
year = "2012",
month = dec,
day = "1",
doi = "10.1109/WI-IAT.2012.258",
language = "English",
isbn = "9780769548807",
series = "Proceedings - 2012 IEEE/WIC/ACM International Conference on Web Intelligence, WI 2012",
pages = "380--387",
booktitle = "Proceedings - 2012 IEEE/WIC/ACM International Conference on Web Intelligence, WI 2012",
note = "null ; Conference date: 04-12-2012 Through 07-12-2012",
}