We developed a machine learning–based system that increased the success rate of detecting malicious websites and prevented employees from accessing risky sites in real time. As a result, the risk of malware infection and corporate data misuse was significantly reduced.

Assignment

The client’s previous method for detecting malicious websites was outdated, offering limited protection against hard-to-detect malware. The goal was to develop a system capable of quickly and effectively identifying dangerous websites to protect the company’s environment and employee data.

Our Solution

We designed a new classification algorithm based on machine learning methods that combined several approaches:

• Logistic regression to identify fundamental risk patterns,
• Random forest classifiers to analyze a large set of input metrics,
• Boosted decision trees using histogram-based gradient boosting for the most accurate distinction between malicious and legitimate sites.

The engine analyzed both content and technical characteristics of websites, assessed their risk level, and blocked employee access to potentially harmful sites in real time.

Result

The developed system significantly improved the accuracy of malicious website detection and enabled rapid response to new threats. It not only identified suspicious websites but also actively prevented employees from accessing them, effectively reducing the risk of malware infiltration. As a result, company data became better protected against misuse.

Cybersecurity company engaged in the detection of malicious websites based on DNS data, traffic analysis and other collected data.
https://www.whalebone.io