malicious-url-detector

malicious-url-detector is a fine-tuned version of distilbert-base-uncased designed to classify URLs as malicious or benign using natural language and pattern-based representations. It leverages LoRA (Low-Rank Adaptation) via the PEFT library for lightweight, efficient fine-tuning.

Model description

This model learns to identify potentially harmful URLs based on patterns commonly found in phishing, malware delivery, and command-and-control links. It was fine-tuned on a curated dataset of labeled URLs containing both malicious and safe samples.

Intended uses & limitations

Intended uses:

• Integrate into threat detection systems or browser security tools
• Use for phishing URL classification or malware link filtering
• Educational and research purposes in cybersecurity automation

Limitations:

• Should not be solely relied upon for production-grade URL blocking
• May misclassify newly obfuscated or encrypted URLs
• Requires regular retraining with updated datasets to maintain accuracy

Training hyperparameters

The following hyperparameters were used during training:

• learning_rate: 2e-05
• train_batch_size: 8
• eval_batch_size: 8
• seed: 42
• optimizer: Use OptimizerNames.ADAMW_TORCH_FUSED with betas=(0.9,0.999) and epsilon=1e-08 and optimizer_args=No additional optimizer arguments
• lr_scheduler_type: linear
• num_epochs: 3

Framework versions

• PEFT 0.17.1
• Transformers 4.57.1
• Pytorch 2.8.0
• Datasets 4.2.0
• Tokenizers 0.22.1