Doha: Hamad Bin Khalifa University’s (HBKU) Qatar Computing Research Institute (QCRI) has designed a scanner called “Bfore.AI Pre-Crime” that detects current and future malicious phishing URLs.
The scanner was developed using QCRI’s licensed malicious URL prediction technology. Based on its capabilities, it was selected by VirusTotal to be one of its trusted scanners. VirusTotal is a publicly available cyber security scanning service from Google that allows a user to check if a URL, file, or IP address is malicious or benign.
QCRI Cyber Security Group Principal Scientist, Dr. Issa Khalil said: “Our technology takes advantage of the hosting infrastructure of malicious URLs to discover strong associations among them, which are then further used to infer unknown malicious URLs from a small set of existing known malicious ones.
Instead of relying on local features, our technology mines and utilises global associations among URLs.
“For example, we observed that over a period of time, multiple malicious URLs tend to be hosted on the same IPs and multiple IPs tend to host the same malicious URLs, which creates intrinsic associations among them.”
“Phishing can have huge consequences for its victims, and we wanted to develop a technology to ensure that the public remains protected from growing cyber crime. The field is fast-evolving and our team wants to stay one step ahead of the game. Prediction and high-quality fast analytical tools are key factors in fighting cyber criminals,” he added.
Malicious URLs are involved in many cyber security attacks ,including Distributed Denial of Service attacks in which web servers can become unusable.
They are also a source of phishing, where criminals dupe email users to disclose information by posing as reputable entities. These URLs are also used to control botnets, when armies of infected machines without their owners’ knowledge can propagate malware and send spam messages.
