International Journal of Information Technology (IJIT) – Volume 10 Issue 6, Nov – Dec 2024 ISSN: 2454-5414 www.ijitjournal.org Page 42 Adversarial Robustness of ML Models for Malicious URL Detection Using Lexical Features Roopesh Kumar B N [1] , Rekha B Venkatapur [2] , Suman B S [3] , Gagan Shivanna [4] [1] Department of Computer Science & Engineering, K S Institute of Technology, Karnataka, India [2] Department of Computer Science & Engineering, K S Institute of Technology, Karnataka, India [3] Department of Computer Science & Engineering, K S Institute of Technology, Karnataka, India [4] Department of Computer Science & Engineering, K S Institute of Technology, Karnataka, India ABSTRACT Malicious URL detection is vital in cybersecurity, proactively identifying threats before they reach users. Traditional methods often struggle to keep pace with evolving threats, whereas machine learning (ML) offers a more adaptable approach through its ability to learn and adjust to changing scenarios. Ensemble algorithms such as Random Forests, XGBoost, AdaBoost, and LightGBM have proven highly effective for detecting malicious URLs. Among these, Random Forests (RF), a bagging model, achieved 89.78% accuracy, showcasing strong performance and robustness. Keywords — Malicious URL detection, Machine learning (ML), ensemble algorithms, Random Forests (RF). I. INTRODUCTION Traditional URL detection methods typically rely on signature-based or rule-based systems, which are limited in their ability to keep pace with the rapidly evolving nature of online threats. Such methods often require manual updates and struggle to adapt to new attack patterns, resulting in delayed or ineffective responses. In contrast, machine learning (ML) has emerged as a powerful alternative due to its ability to learn from data, recognize patterns, and generalize well to detect previously unseen malicious URLs. Machine learning techniques use a variety of features extracted from URLs, such as lexical, host-based, and content- based features, to distinguish between malicious and benign URLs. In this study, we focus on the lexical features of URLs from the dataset, as they are more vulnerable and frequently exploited than other features. These ML models are trained on large datasets to identify complex patterns that would be challenging for traditional methods to capture. Ensemble algorithms, in particular, have proven highly effective for this task, as they combine the strengths of multiple models, improving overall accuracy and robustness. The primary objective of this research is to develop a robust and scalable malicious URL detection framework leveraging machine learning techniques to address the limitations of traditional methods. To achieve this, the research focuses on three key objectives. First, it emphasizes lexical feature-based detection by utilizing structural characteristics extracted from URLs to distinguish between malicious and benign URLs without relying on network behaviour or content inspection. II. LITERATURE SURVEY The detection of malicious URLs has been an area of intense research, particularly with the advent of machine learning techniques. Previous studies have extensively explored various feature extraction methods and classification algorithms to enhance detection accuracy. Lexical-based features, which analyse the structural components of URLs, have gained significant attention due to their independence from network behaviour and content-based inspection, as highlighted by Ma et al. [1]. Their work demonstrated the effectiveness of combining lexical and host-based features for classifying URLs using machine learning techniques like Support Vector Machines (SVMs). Subsequent advancements in the field have seen the emergence of ensemble learning techniques for malicious URL detection. For instance, Sahoo et al. [2] demonstrated the superiority of ensemble methods like Random Forest and Gradient Boosting Machines (GBMs) over traditional classifiers due to their robustness and ability to capture non- linear patterns. Similarly, Al-Daeef et al. [3] showcased the efficacy of boosting algorithms, such as AdaBoost and XGBoost, in achieving high detection accuracy, particularly when dealing with imbalanced datasets. In recent years, researchers have also begun addressing the adversarial robustness of these machine learning models. Goodfellow et al. [4] introduced the Fast Gradient Sign Method (FGSM), which revealed vulnerabilities in neural networks and other machine learning models against adversarial attacks. Building on this, Papernot et al. [5] proposed adversarial training as a defense mechanism, which involves incorporating adversarial examples into the training process to enhance model robustness. These techniques have been explored in the domain of malware and intrusion detection but are still nascent in the context of malicious URL detection. RESEARCH ARTICLE OPEN ACCESS