Detection of Phishing Websites Using Supervised Learning

Authors

  • Bhanu Teja Mummadi
  • Neelakantan Puligundla

Keywords:

Phishing, Machine Learning, URL Based Attributes, live Phishing URL’s

Abstract

Phishing attacks are becoming more common and sophisticated, putting Internet users at risk. Even though a broad range of countermeasures from academia, industry, and research have proved that these attacks are resilient, machine learning algorithms seem to be a feasible choice for distinguishing between phishing and genuine websites. Existing machine learning algorithms for phishing detection have three major drawbacks. Firstly, there is no methodology for extracting features and keeping the dataset current, nor an updated list of phishing and authentic websites. The second concern is the use of many features and the lack of evidence to justify the characteristics utilized in training the machine learning classifier. The last point of concern is the sort of datasets utilized in the research, which is skewed in terms of URL or content-based attributes. Fresh-Phish is an open-source and extensible system that extracts features and generates an up-to-date phishing dataset based on 29 distinct characteristics. The dataset includes 6,060 websites, 3,000 of which were malicious and 3,000 of which were legitimate. Therefore, 93 percent accuracy using six distinct classifiers is attained in this industry, which is a respectable maximum. To overcome the second and third difficulties, the domain name of phishing websites used to detect phishing. Based on a sample dataset, this learning model achieves 97% classification accuracy and 98% true positive rate using just 7 characteristics. This algorithm's resiliency is demonstrated. When these classifiers were tested on unidentified live phishing URLs, they detected 99.7% of them, exceeding the previous best of 95 percent.

Downloads

Download data is not yet available.

References

Salloum, Said, et al. "A Systematic Literature Review on Phishing Email Detection Using Natural Language Processing Techniques." IEEE Access (2022).

Sánchez-Paniagua, Manuel, et al. "Phishing URL Detection: A Real-Case Scenario Through Login URLs." IEEE Access 10 (2022): 42949-42960.

Abdillah, Rahmad, et al. "Phishing Classification Techniques: A Systematic Literature Review." IEEE Access (2022).

Garg, D. K. . (2022). Understanding the Purpose of Object Detection, Models to Detect Objects, Application Use and Benefits. International Journal on Future Revolution in Computer Science &Amp; Communication Engineering, 8(2), 01–04. https://doi.org/10.17762/ijfrcsce.v8i2.2066

Assefa, Amanuel, and Rahul Katarya. "Intelligent Phishing Website Detection Using Deep Learning." 2022 8th International Conference on Advanced Computing and Communication Systems (ICACCS). Vol. 1. IEEE, 2022.

Jaber, Aws Naser, Lothar Fritsch, and Hårek Haugerud. "Improving Phishing Detection with the Grey Wolf Optimizer." 2022 International Conference on Electronics, Information, and Communication (ICEIC). IEEE, 2022.

BOUIJIJ, Habiba, and Amine BERQIA. "Machine Learning Algorithms Evaluation for Phishing URLs Classification." 2021 4th International Symposium on Advanced Electrical and Communication Technologies (ISAECT). IEEE, 2021.

Garg, D. K. . (2022). Understanding the Purpose of Object Detection, Models to Detect Objects, Application Use and Benefits. International Journal on Future Revolution in Computer Science &Amp; Communication Engineering, 8(2), 01–04. https://doi.org/10.17762/ijfrcsce.v8i2.2066

Rasool, Saira Banu Mohammed, M. Gnanaprakash, and M. SenthilMurugan. "A Prediction of Phishing Websites by Optimal Feature Extraction using Recurrent Neural Network." 2022 6th International Conference on Trends in Electronics and Informatics (ICOEI). IEEE, 2022.

Do, Nguyet Quang, et al. "Deep Learning for Phishing Detection: Taxonomy, Current Challenges and Future Directions." IEEE Access (2022).

Kiran, M. S., & Yunusova, P. (2022). Tree-Seed Programming for Modelling of Turkey Electricity Energy Demand. International Journal of Intelligent Systems and Applications in Engineering, 10(1), 142–152. https://doi.org/10.18201/ijisae.2022.278

Livara, Arriane, and Rowell Hernandez. "An Empirical Analysis of Machine Learning Techniques in Phishing E-mail detection." 2022 International Conference for Advancement in Technology (ICONAT). IEEE, 2022.

Chai, Yidong, et al. "An explainable multi-modal hierarchical attention model for developing phishing threat intelligence." IEEE Transactions on Dependable and Secure Computing 19.2 (2021): 790-803.

Garg, D. K. . (2022). Understanding the Purpose of Object Detection, Models to Detect Objects, Application Use and Benefits. International Journal on Future Revolution in Computer Science &Amp; Communication Engineering, 8(2), 01–04. https://doi.org/10.17762/ijfrcsce.v8i2.2066

Valecha, Rohit, Pranali Mandaokar, and H. Raghav Rao. “Phishing email detection using persuasion cues.” IEEE transactions on Dependable and secure computing 19.2(2021): 747-756.

Sun, Xiaoqiang, F. Richard Yu, and Peng Zhang. "A survey on cyber-security of connected and autonomous vehicles (CAVs)." IEEE Transactions on Intelligent Transportation Systems (2021).

Gopal, S. B., et al. “Autoencoder based Architecture for Mitigating Phishing URL attack in the Internet of Things (IoT) using Deep Neural Networks.” 2022 6th International Conference on Devices, Circuits and Systems (ICDCS). IEEE, 2022.

Garg, D. K. . (2022). Understanding the Purpose of Object Detection, Models to Detect Objects, Application Use and Benefits. International Journal on Future Revolution in Computer Science &Amp; Communication Engineering, 8(2), 01–04. https://doi.org/10.17762/ijfrcsce.v8i2.2066

Venugopal, Shreya, et al. "Detection of Malicious URLs through an Ensemble of Machine Learning Techniques." 2021 IEEE Asia-Pacific Conference on Computer Science and Data Engineering (CSDE). IEEE, 2021.

Suleman, Muhammad Taseer, and Amir Ali. "Detection of Phishing Websites through Computational Intelligence." 2021 International Conference on Innovative Computing (ICIC). IEEE, 2021.

Garg, D. K. . (2022). Understanding the Purpose of Object Detection, Models to Detect Objects, Application Use and Benefits. International Journal on Future Revolution in Computer Science &Amp; Communication Engineering, 8(2), 01–04. https://doi.org/10.17762/ijfrcsce.v8i2.2066

A website's domain name characteristics -Top: a biased website, bottom: a legit website

Downloads

Published

01.10.2022

How to Cite

[1]
B. T. . Mummadi and N. . Puligundla, “Detection of Phishing Websites Using Supervised Learning”, Int J Intell Syst Appl Eng, vol. 10, no. 3, pp. 171–186, Oct. 2022.

Issue

Vol. 10 No. 3 (2022)

Section

Research Article

License

Creative Commons License

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

All papers should be submitted electronically. All submitted manuscripts must be original work that is not under submission at another journal or under consideration for publication in another form, such as a monograph or chapter of a book. Authors of submitted papers are obligated not to submit their paper for publication elsewhere until an editorial decision is rendered on their submission. Further, authors of accepted papers are prohibited from publishing the results in other publications that appear before the paper is published in the Journal unless they receive approval for doing so from the Editor-In-Chief.

IJISAE open access articles are licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. This license lets the audience to give appropriate credit, provide a link to the license, and indicate if changes were made and if they remix, transform, or build upon the material, they must distribute contributions under the same license as the original.