{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,2]],"date-time":"2026-05-02T07:03:38Z","timestamp":1777705418199,"version":"3.51.4"},"reference-count":31,"publisher":"SAGE Publications","issue":"5","license":[{"start":{"date-parts":[[2021,4,7]],"date-time":"2021-04-07T00:00:00Z","timestamp":1617753600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/journals.sagepub.com\/page\/policies\/text-and-data-mining-license"}],"content-domain":{"domain":["journals.sagepub.com"],"crossmark-restriction":true},"short-container-title":["Journal of Intelligent &amp; Fuzzy Systems"],"published-print":{"date-parts":[[2021,11,17]]},"abstract":"<jats:p>The World-Wide Web technology has become an indispensable part in human\u2019s life for almost all activities. On the other hand, the trend of cyberattacks is on the rise in today\u2019s modern Web-driven world. Therefore, effective countermeasures for the analysis and detection of malicious websites is crucial to combat the rising threats to the cyber world security. In this paper, we systematically reviewed the state-of-the-art techniques and identified a total of about 230 features of malicious websites, which are classified as internal and external features. Moreover, we developed a toolkit for the analysis and modeling of malicious websites. The toolkit has implemented several types of feature extraction methods and machine learning algorithms, which can be used to analyze and compare different approaches to detect malicious URLs. Moreover, the toolkit incorporates several other options such as feature selection and imbalanced learning with flexibility to be extended to include more functionality and generalization capabilities. Moreover, some use cases are demonstrated for different datasets.<\/jats:p>","DOI":"10.3233\/jifs-189874","type":"journal-article","created":{"date-parts":[[2021,4,9]],"date-time":"2021-04-09T12:10:53Z","timestamp":1617970253000},"page":"5535-5549","update-policy":"https:\/\/doi.org\/10.1177\/sage-journals-update-policy","source":"Crossref","is-referenced-by-count":3,"title":["URLCam: Toolkit for malicious URL analysis and modeling"],"prefix":"10.1177","volume":"41","author":[{"given":"Mohammed","family":"Ayub","sequence":"first","affiliation":[{"name":"Information and Computer Science Department, King Fahd University of Petroleum and Minerals, Saudi Arabia"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"El-Sayed M.","family":"El-Alfy","sequence":"additional","affiliation":[{"name":"Information and Computer Science Department, King Fahd University of Petroleum and Minerals, Saudi Arabia"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"179","published-online":{"date-parts":[[2021,4,7]]},"reference":[{"key":"e_1_3_2_2_2","doi-asserted-by":"publisher","DOI":"10.1007\/s12652-018-0736-0"},{"key":"e_1_3_2_3_2","doi-asserted-by":"publisher","DOI":"10.14569\/IJACSA.2017.080910"},{"key":"e_1_3_2_4_2","doi-asserted-by":"publisher","DOI":"10.1007\/s00500-018-3066-4"},{"key":"e_1_3_2_5_2","doi-asserted-by":"publisher","DOI":"10.1007\/s00521-016-2374-9"},{"key":"e_1_3_2_6_2","doi-asserted-by":"publisher","DOI":"10.1587\/transinf.2018NTI0001"},{"key":"e_1_3_2_7_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.ins.2019.01.064"},{"key":"e_1_3_2_8_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2019.03.018"},{"key":"e_1_3_2_9_2","article-title":"Socialbothunter: Botnet detection in twitter-like social networking services using semi-supervised collective classification","author":"Dorri A.","year":"2018","unstructured":"DorriA., AbadiM., DadfarniaM., Socialbothunter: Botnet detection in twitter-like social networking services using semi-supervised collective classification, In: IEEE 16th Intl Conf on Dependable, Autonomic and Secure Computing (2018), 1-6.","journal-title":"IEEE 16th Intl Conf on Dependable, Autonomic and Secure Computing"},{"key":"e_1_3_2_10_2","doi-asserted-by":"publisher","DOI":"10.1093\/comjnl\/bxx035"},{"key":"e_1_3_2_11_2","doi-asserted-by":"publisher","DOI":"10.1007\/s00500-017-2531-9"},{"key":"e_1_3_2_12_2","doi-asserted-by":"publisher","DOI":"10.1007\/s11235-017-0414-0"},{"key":"e_1_3_2_13_2","doi-asserted-by":"publisher","DOI":"10.1007\/s12652-018-0798-z"},{"key":"e_1_3_2_14_2","article-title":"Advances in computer science and its applications","volume":"279","author":"Jeong H.Y.","unstructured":"JeongH.Y., ObaidatM.S., YenN.Y., ParkJ.J., Advances in computer science and its applications, In: Lecture Notes in Electrical Engineering279, DOI: 10.1007, CSA 2013. Springer-Verlag Berlin Heidelberg (2015).","journal-title":"Lecture Notes in Electrical Engineering"},{"key":"e_1_3_2_15_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2018.03.006"},{"key":"e_1_3_2_16_2","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2018.2882742"},{"key":"e_1_3_2_17_2","first-page":"1","article-title":"Obfuscated malicious javascript detection scheme using the feature based on divided url","author":"Morishige S.","year":"2017","unstructured":"MorishigeS., HarutaS., AsahinaH., SasaseI., Obfuscated malicious javascript detection scheme using the feature based on divided url, In: 2017 23rd Asia-Pacific Conference on Communications (APCC) (2017), 1\u20136.","journal-title":"2017 23rd Asia-Pacific Conference on Communications (APCC)"},{"issue":"2","key":"e_1_3_2_18_2","article-title":"Analyzing new features of infected web content in detection of malicious web pages","volume":"9","author":"Nezhad J.H.","year":"2017","unstructured":"NezhadJ.H., JahanM.V., Tayarani-NM.H., SadrnezhadZ., Analyzing new features of infected web content in detection of malicious web pages, ISeCure9(2) (2017), 161-181.","journal-title":"ISeCure"},{"issue":"2","key":"e_1_3_2_19_2","first-page":"141","article-title":"Feature-based malicious url and attack type detection using multi-class classification","volume":"10","author":"Patil D.","year":"2018","unstructured":"PatilD., PatilJ., Feature-based malicious url and attack type detection using multi-class classification, The ISC International Journal of Information Security10(2) (2018), 141\u2013162.","journal-title":"The ISC International Journal of Information Security"},{"key":"e_1_3_2_20_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2018.09.029"},{"key":"e_1_3_2_21_2","article-title":"Malicious url detection using machine learning: a survey","author":"Sahoo D.","year":"2017","unstructured":"SahooD., LiuC., HoiS.C., Malicious url detection using machine learning: a survey, (2017), arXiv preprint arXiv:1701.07179.","journal-title":"arXiv preprint arXiv:1701.07179"},{"issue":"5","key":"e_1_3_2_22_2","first-page":"1","article-title":"Email phishing: An enhanced classification model to detect malicious urls","volume":"6","author":"Sankhwar S.","year":"2019","unstructured":"SankhwarS., PandeyD., KhanR., Email phishing: An enhanced classification model to detect malicious urls, Eai Endorsed Transactions on Scalable Information Systems6-21(5) (2019), 1\u201312.","journal-title":"Eai Endorsed Transactions on Scalable Information Systems"},{"issue":"3","key":"e_1_3_2_23_2","article-title":"Efficient malicious url based on feature classification","volume":"3","author":"Sharma S.","year":"2015","unstructured":"SharmaS., ParveenS., Efficient malicious url based on feature classification, International Journal of Engineering Research and General Science3(3) (2015), Part-2, ISSN 2091-2730.","journal-title":"International Journal of Engineering Research and General Science"},{"key":"e_1_3_2_24_2","doi-asserted-by":"publisher","DOI":"10.1109\/ICMLC.2018.8527036"},{"issue":"1","key":"e_1_3_2_25_2","first-page":"51","article-title":"Improving auto-detection of phishing websites using fresh-phish framework","volume":"9","author":"Shirazi H.","year":"2018","unstructured":"ShiraziH., HaefnerK., RayI., Improving auto-detection of phishing websites using fresh-phish framework, International Journal of Multimedia Data Engineering and Management (IJMDEM)9(1) (2018), 51\u201364.","journal-title":"International Journal of Multimedia Data Engineering and Management (IJMDEM)"},{"key":"e_1_3_2_26_2","first-page":"1","article-title":"Bidirectional lstm malicious web pages detection algorithm based on convolutional neural network and independent recurrent neural network","author":"Wang H.h.","year":"2019","unstructured":"WangH.h., YuL., TianS.w., PengY.f., PeiX.j., Bidirectional lstm malicious web pages detection algorithm based on convolutional neural network and independent recurrent neural network, Applied Intelligence (2019), 1\u201311.","journal-title":"Applied Intelligence"},{"key":"e_1_3_2_27_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2017.05.008"},{"key":"e_1_3_2_28_2","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2019.2892066"},{"key":"e_1_3_2_29_2","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2019.2895751"},{"key":"e_1_3_2_30_2","doi-asserted-by":"publisher","DOI":"10.1155\/2018\/4678746"},{"key":"e_1_3_2_31_2","first-page":"723","article-title":"A novel website fingerprinting method for malicious websites detection","author":"Zeng X.","year":"2019","unstructured":"ZengX., KangC., ShiJ., LiZ., XiongG., A novel website fingerprinting method for malicious websites detection, In: Information and Communication Technology for Intelligent Systems (2019), 723\u2013730.","journal-title":"Information and Communication Technology for Intelligent Systems"},{"key":"e_1_3_2_32_2","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2019.2920655"}],"container-title":["Journal of Intelligent &amp; Fuzzy Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/journals.sagepub.com\/doi\/pdf\/10.3233\/JIFS-189874","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/journals.sagepub.com\/doi\/full-xml\/10.3233\/JIFS-189874","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/journals.sagepub.com\/doi\/pdf\/10.3233\/JIFS-189874","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,4,29]],"date-time":"2026-04-29T09:43:46Z","timestamp":1777455826000},"score":1,"resource":{"primary":{"URL":"https:\/\/journals.sagepub.com\/doi\/10.3233\/JIFS-189874"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,4,7]]},"references-count":31,"journal-issue":{"issue":"5","published-print":{"date-parts":[[2021,11,17]]}},"alternative-id":["10.3233\/JIFS-189874"],"URL":"https:\/\/doi.org\/10.3233\/jifs-189874","relation":{},"ISSN":["1064-1246","1875-8967"],"issn-type":[{"value":"1064-1246","type":"print"},{"value":"1875-8967","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,4,7]]}}}