Predicting Malicious URLs

Proofpoint Computer Science, 2016-17

Liaison(s): Thomas Lynam, Mike Morris ’97
Advisor(s): Elizabeth Sweedyk
Student(s): Vidushi Ojha (PM), Aidan Cheng, Kevin Herrera, Carli Lessard

As part of its security solutions, Proofpoint provides a service that scans URLs embedded in clients’ emails and determines whether they lead to sites containing malware. Suspicious URLs are redirected to a virtual environment, or sandbox, where they are tested for maliciousness. The goal of our project is to create a machine learning classifier that can better detect malicious URLs, so that fewer URLs need to be sandboxed. We investigated various models and features to create a number of options for such a classifier.