MOBIL QURILMALARDA XAVFLI URLʼLARNI KOʻP QATLAMLI SANDBOX TAHLILI: OFFLINE EVRISTIKA, URLHAUS, GOOGLE SAFE BROWSING VA VIRUSTOTAL INTEGRATSIYASI
Abstract
Tezis mobil qurilmalarda foydalanuvchiga kelayotgan URL havolalarni avtomatik xavfsizlik bahosi orqali aniqlashning koʻp qatlamli sandbox arxitekturasiga bagʻishlangan. Yondashuv toʻrt mustaqil tahlil qatlamini birlashtiradi: offline evristika, URLhaus bazasi, Google Safe Browsing API v4 va VirusTotal koʻplab antivirus mexanizmlari orqali tekshirish. Tizim qisqartirilgan havolalarni haqiqiy manzilga ochib beradi, qatlamlar natijasini kombinatsion bonus bilan birlashtiradi va 24 soatlik LRU keshda saqlaydi. Foydalanuvchi xabar mazmuni tashqariga uzatilmaydi, faqat URLʼning oʻzi uchinchi tomon APIʼlariga joʻnatiladi. Toʻliq sinov natijalari 97% F1-score va 1.2% false-positive nisbatini koʻrsatadi.
References
1. MITRE ATT&CK Framework: Initial Access -- Phishing (T1566). -- The MITRE Corporation, 2024. -- URL: https://attack.mitre.org/techniques/T1566/
2. URLhaus -- abuse.ch threat intelligence platform. -- abuse.ch, 2024. -- URL: https://urlhaus.abuse.ch/
3. Google Safe Browsing API v4 Reference. -- Google Developers, 2024. -- URL: https://developers.google.com/safe-browsing/v4
4. VirusTotal Public API v3 Documentation. -- VirusTotal (Google), 2024. -- URL: https://docs.virustotal.com/
5. Unicode Technical Standard #39: Unicode Security Mechanisms. -- Unicode Consortium, 2023. -- URL: https://www.unicode.org/reports/tr39/
6. APWG Phishing Activity Trends Report. -- Anti-Phishing Working Group, 2024. -- URL: https://apwg.org/trendsreports/
7. Pochat V. L. et al. Tranco: A Research-Oriented Top Sites Ranking Hardened Against Manipulation. // NDSS Symposium. -- 2019.
