US10033757B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10033757-B2 |
| Application number | US-201615177555-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jun 9, 2016 |
| Priority date | Jun 9, 2016 |
| Publication date | Jul 24, 2018 |
| Grant date | Jul 24, 2018 |
Official abstract text for this publication.
Methods and systems for identifying malicious URIs. The system accepts a list of URIs as input and extracts features related to a given URI and uses the features to discover patterns that indicate malicious content. Once trained, the classifier can then classify new inputs as either malicious or non-malicious.
Opening claim text (preview).
What is claimed is:
1. A method for identifying malicious resources accessible through a network, the method comprising: providing a labeled dataset of malicious identifiers and non-malicious identifiers to a classifier, wherein the labeled dataset includes at least one descriptive feature associated with each of the malicious identifiers and non-malicious identifiers; identifying at least one probabilistic pattern among the at least one descriptive feature; developing, using the classifier, a decision boundary between the malicious identifiers and non-malicious identifiers based on the at least one identified probabilistic pattern; accessing, through a medium interface to a computer-readable medium, an accessed identifier comprising the location of a network accessible resource; extracting, using a configured processor, textual information concerning the accessed identifier accessed by the medium interface; collecting, using the configured processor, metadata information from communications with the network accessible resource associated with the accessed identifier; collecting, using the configured processor, content from communications with the network accessible resource associated with the accessed identifier; and providing the extracted textual information, collected metadata information, and collected content to the classifier as input, and receiving an identification of the accessed identifier as malicious or non-malicious based on a comparison of the provided textual information, metadata information, and collected content with the developed decision boundary.
2. The method of claim 1 wherein developing the decision boundary includes: organizing the at least one descriptive feature into a binary tree; and selecting at least one feature to identify the at least one probabilistic pattern based on gini entropy.
3. The method of claim 1, wherein the accessed identifier is a uniform resource identifier (URI).
4. The method of claim 1, further comprising collecting, using a network interface, information concerning the presence of the accessed identifier on a blacklist, and providing the collected blacklist presence information to the classifier.
5. The method of claim 1, further comprising issuing an alert in response to the accessed identification of the identifier as malicious.
6. The method of claim 1, wherein the textual information is at least one of length, number of vowels, number of consonants, number of special characters, file extension type, number of domain levels, and top-level domain.
7. The method of claim 1, wherein the accessed identification of the accessed identifier comprises a score to define a degree of maliciousness of the identifier.
8. The method of claim 7, wherein at least one of whether the score is presented to a user based on the degree of maliciousness and how the score is presented to a user is customizable.
9. The method of claim 1, wherein the metadata information is at least one of a status code, the identity of a hardware providing the network accessible resource, and the identity of a software serving the content.
10. The method of claim 1, wherein the content is at least one of head length, body length, and redirect instructions.
11. The method of claim 1, further comprising collecting, using a configured processor, registration information associated with the accessed identifier.
12. A system for identifying malicious resources accessible through a network, the system comprising: a medium interface to a computer-readable medium configured to access an accessed identifier comprising the location of a network accessible resource; a network interface; a processor in communication with the medium interface and the network interface, the processor including a classifier to: receive a labeled dataset of malicious identifiers and non-malicious identifiers, wherein the labeled dataset includes at least one descriptive feature associated with each of the malicious identifiers and non-malicious identifiers, identify at least one probabilistic pattern among the at least one descriptive feature, and develop a decision boundary between the malicious identifiers and non-malicious identifiers based on the at least one identified probabilistic pattern; wherein the processor is further configured to: extract textual information concerning the accessed identifier accessed by the medium interface; collect metadata information from communications with the network accessible resource associated with the accessed identifier; collect content from communications with the network accessible resource associated with the accessed identifier; and execute the classifier receiving the extracted textual information, collected metadata information, and collected content as inputs and providing an identification of the accessed identifier as malicious or non-malicious as output, wherein the identification is based on a comparison of the provided textual information, metadata information, and collected content with the developed decision boundary.
13. The system of claim 12, wherein the classifier develops the decision boundary by: organizing the at least one descriptive feature into a binary tree; and selecting at least one feature to identify the at least one probabilistic pattern based on gini entropy.
14. The system of claim 12, wherein the accessed identifier is a uniform resource identifier (URI).
15. The system of claim 12, wherein the network interface is further configured to collect information concerning the presence of the accessed identifier on a blacklist, and providing the collected blacklist presence information to the classifier.
16. The system of claim 12, further comprising an alert device to issue an alert in response to the identification of the accessed identifier as malicious.
17. The system of claim 12, wherein the textual information is at least one of length, number of vowels, number of consonants, number of special characters, file extension type, number of domain levels, and top-level domain.
18. The system of claim 12, wherein the accessed identification of the identifier comprises a score to define a degree of maliciousness of the accessed identifier.
19. The system of claim 18, wherein at least one of whether the score is presented to a user based on the degree of maliciousness and how the score is presented to a user is customizable.
20. The system of claim 12, wherein the metadata information is at least one of a status code, the identity of a hardware providing the network accessible resource, and the identity of a software serving the content.
21. The system of claim 12, wherein the content is at least one of head length, body length, and redirect instructions.
22. The system of claim 12, wherein the processor is further configured to collect registration information associated with the accessed identifier.
23. A non-transitory computer-readable medium containing computer-executable instructions for performing a method for identifying malicious resources accessible through a network, the medium comprising: computer-executable instructions for providing a labeled dataset of malicious identifiers and non-malicious identifiers to a classifier, wherein the labeled dataset includes at least one descriptive feature associated with each of the malicious identifiers and non-malicious identifiers; computer-executable instructions for identifying at least one probabilistic pat
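Added example (not code from the patent or its assignee): the textual features listed in claims 6 and 17, extracted from the URI string alone, followed by a single Gini-based binary split of the kind claims 2 and 13 describe. It assumes the claims' "gini entropy" means standard Gini impurity; the function names and the four sample URIs (on reserved example domains) are constructed, and the metadata and content features of claims 9 and 10 are left out because they require a live fetch.

```python
import posixpath
from urllib.parse import urlsplit

def textual_features(uri):
    """Claim 6 textual features, computed from the URI string alone."""
    parts = urlsplit(uri)
    labels = [p for p in (parts.hostname or "").split(".") if p]
    letters = [c for c in uri.lower() if c.isalpha()]
    vowels = sum(c in "aeiou" for c in letters)
    ext = posixpath.splitext(parts.path)[1].lstrip(".").lower()
    return {
        "length": len(uri),
        "vowels": vowels,
        "consonants": len(letters) - vowels,
        "special": sum(not c.isalnum() for c in uri),
        "extension": ext or None,
        "domain_levels": len(labels),
        "tld": labels[-1] if labels else None,
    }

def gini(labels):
    """Gini impurity of a list of 0/1 labels (0.0 means a pure node)."""
    p = sum(labels) / len(labels) if labels else 0.0
    return 2 * p * (1 - p)

def best_split(rows, labels, keys):
    """Lowest weighted-impurity binary split: (score, feature, threshold)."""
    best = (gini(labels), None, None)
    for key in keys:
        values = sorted({r[key] for r in rows})
        for lo, hi in zip(values, values[1:]):
            t = (lo + hi) / 2  # candidate threshold between adjacent values
            left = [y for r, y in zip(rows, labels) if r[key] <= t]
            right = [y for r, y in zip(rows, labels) if r[key] > t]
            score = (len(left) * gini(left) + len(right) * gini(right)) / len(labels)
            if score < best[0]:
                best = (score, key, t)
    return best

# Constructed labelled sample (1 = malicious) on reserved example domains.
SAMPLE = [
    ("https://example.com/index.html", 0),
    ("https://www.example.org/docs/a.pdf", 0),
    ("http://login.secure.account.example.test/verify.php", 1),
    ("http://update.billing.portal.cdn.example.invalid/x.exe", 1),
]
ROWS = [textual_features(u) for u, _ in SAMPLE]
LABELS = [y for _, y in SAMPLE]
print(best_split(ROWS, LABELS, ["length", "domain_levels"]))
```

A full tree would apply `best_split` recursively to each side; categorical features such as `tld` and `extension` need an encoding step before they can be thresholded this way.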
Traffic logging, e.g. anomaly detection · CPC title
Access control lists [ACL] · CPC title
service impersonation, e.g. phishing, pharming or web spoofing (detection of rogue wireless access points H04W12/12) · CPC title
based on web technology, e.g. hypertext transfer protocol [HTTP] · CPC title
the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms · CPC title