Skip to main content

Research Repository

Advanced Search

Launching Adversarial Label Contamination Attacks Against Malicious URL Detection

Marchand, Bruno; Pitropakis, Nikolaos; Buchanan, William J.; Lambrinoudakis, Costas


Bruno Marchand

Costas Lambrinoudakis


Web addresses, or Uniform Resource Locators (URLs), represent a vector by which attackers are able to deliver a multitude of unwanted and potentially harmful effects to users through malicious software. The ability to detect and block access to such URLs has traditionally been enabled through reactive and labour intensive means such as human verification and whitelists and blacklists. Machine Learning has shown great potential to automate this defence and position it as proactive through the implementation of classifier models. Work in this area has produced numerous high-accuracy models, though the algorithms themselves remain fragile to adversarial manipulation if implemented without consideration being given to their security. Our work aims to investigate the robustness of several classifiers for malicious URL detection by randomly perturbing samples in the training data. It is shown that without a measure of defence to adversarial influence, highly accurate malicious URL detection can be significantly and adversely affected at even low degrees of training data perturbation.

Presentation Conference Type Conference Paper (Published)
Conference Name TrustBus 2021: Trust, Privacy and Security in Digital Business
Start Date Sep 27, 2021
End Date Sep 30, 2021
Online Publication Date Sep 1, 2021
Publication Date 2021
Deposit Date Jan 27, 2022
Publisher Springer
Pages 69-82
Series Title Lecture Notes in Computer Science
Series Number 12927
Series ISSN 0302-9743
Book Title Trust, Privacy and Security in Digital Business: 18th International Conference, TrustBus 2021, Virtual Event, September 27–30, 2021, Proceedings
ISBN 978-3-030-86585-6
Keywords Malicious URL, Detection, Adversarial machine learning
Public URL