Department of Computer Science, College of Computer Science and Information Technology, SAUDI ARAMCO Cybersecurity Chair, Imam Abdulrahman Bin Faisal University, Dammam, Saudi Arabia
Shahd A. Albelali
Department of Computer Science, College of Computer Science and Information Technology, SAUDI ARAMCO Cybersecurity Chair, Imam Abdulrahman Bin Faisal University, Dammam, Saudi Arabia
Maimunah Al-Harbi
Department of Computer Science, College of Computer Science and Information Technology, SAUDI ARAMCO Cybersecurity Chair, Imam Abdulrahman Bin Faisal University, Dammam, Saudi Arabia
Haya T. Alhuraib
Department of Computer Science, College of Computer Science and Information Technology, SAUDI ARAMCO Cybersecurity Chair, Imam Abdulrahman Bin Faisal University, Dammam, Saudi Arabia
Najd K. Alotaibi
Department of Computer Science, College of Computer Science and Information Technology, SAUDI ARAMCO Cybersecurity Chair, Imam Abdulrahman Bin Faisal University, Dammam, Saudi Arabia
Amal A. Alahmadi
Department of Networks and Communications, College of Computer Science and Information Technology, SAUDI ARAMCO Cybersecurity Chair, Imam Abdulrahman Bin Faisal University, Dammam, Saudi Arabia
Department of Networks and Communications, College of Computer Science and Information Technology, SAUDI ARAMCO Cybersecurity Chair, Imam Abdulrahman Bin Faisal University, Dammam, Saudi Arabia
Department of Computer Information Systems, College of Computer Science and Information Technology, SAUDI ARAMCO Cybersecurity Chair, Imam Abdulrahman Bin Faisal University, Dammam, Saudi Arabia
In recent years, the digital world has advanced significantly, particularly on the Internet, which is critical given that many of our activities are now conducted online. As a result of attackers’ inventive techniques, the risk of a cyberattack is rising rapidly. One of the most critical attacks is the malicious URL intended to extract unsolicited information by mainly tricking inexperienced end users, resulting in compromising the user’s system and causing losses of billions of dollars each year. As a result, securing websites is becoming more critical. In this paper, we provide an extensive literature review highlighting the main techniques used to detect malicious URLs that are based on machine learning models, taking into consideration the limitations in the literature, detection technologies, feature types, and the datasets used. Moreover, due to the lack of studies related to malicious Arabic website detection, we highlight the directions of studies in this context. Finally, as a result of the analysis, we conducted on the selected studies, we present challenges that might degrade the quality of malicious URL detectors, along with possible solutions.