Deep Learning Empowered Phishing URL Detection: An Exhaustive Approach

Authors

  • K. Subashini Research Scholar, Department of Computer and Information Science, Annamalai University, Tamil Nadu, India
  • V. Narmatha Assistant Professor, Department of Computer and Information Science, Annamalai University, Tamil Nadu, India

Keywords:

Machine Learning, Phishing Attack Detection, Deep Learning, Artificial Intelligence, Naïve Bayes

Abstract

Cybercriminals continually exploit users' vulnerabilities deceptive URLs through phishing attacks are a significant threat to both individuals and organizations. Cybercriminals regularly use phishing to trick users giving them permission to use corporate networks and digital files. Faster Recurrent Convolutional Neural Network (FRCNN) has been proposed to automatically identify phishing websites. However, there are certain drawbacks to its approach: (1) When the URL is converted into a characteristic matrix, there is a storage restriction, making it impossible to gather the embedding vector of new phrases to the actual data of sensitive characters; (2) it is also impossible to acquire the URL's long-distance dependent characteristic. Based on existing system, hybrid model Bidirectional Long Short Term Memory (Bi-LSTM) and FRCNN proposed to identify the phishing attack. The proposed system enables to obtain URL long-distance dependent characteristics by combining two current URL division approaches. Phishing websites can be quickly and accurately identified based on their URLs using the Naïve Bayes Method. According to experimental findings, this approach can produce high F1 values, recall rates and accuracy levels.

Downloads

Download data is not yet available.

References

Kalabarige, L. R., Rao, R. S., Abraham, A., &Gabralla, L. A. (2022). Multilayer stacked ensemble learning model to detect phishing websites. IEEE Access, 10, 79543-79552.

Alsariera, Y. A., Balogun, A. O., Adeyemo, V. E., Tarawneh, O. H., &Mojeed, H. A. (2022). Intelligent tree-based ensemble approaches for phishing website detection. J. Eng. Sci. Technol, 17, 563-582.

Atre, M., Jha, B., and Rao, A. (2022). Detecting Cloud-Based Phishing Attacks by Combining Deep Learning Models. arXiv preprint arXiv:2204.02446.

Puri, N., Saggar, P., Kaur, A., and Garg, P. (2022, July). Application of ensemble Machine Learning models for phishing detection on web networks. In 2022 Fifth International Conference on Computational Intelligence and Communication Technologies (CCICT) (pp. 296-303). IEEE.

Hota, H. S., Shrivas, A. K., &Hota, R. (2018). An ensemble model for detecting phishing attacks with proposed remove-replace feature selection technique. Procedia computer science, 132, 900-907.

Bidabadi, F. S., and Wang, S. (2022). A new weighted ensemble model for phishing detection based on feature selection. arXiv preprint arXiv:2212.11125.

Ramanathan, S., Mirkovic, J., and Yu, M. (2020, January). Blag: Improving the accuracy of blacklists. In NDSS.

Hossain, F., Islam, L., and Uddin, M. N. (2022, September). PhishRescue: A Stacked Ensemble Model to Identify Phishing Website Using Lexical Features. In 2022 5th International Conference of Computer and Informatics Engineering (IC2IE) (pp. 342-347). IEEE.

Garikapati, P., Balamurugan, K., and Latchoumi, T. P. (2022). K-means partitioning approach to predict the error observations in small datasets. International Journal of Computer Aided Engineering and Technology, 17(4), 412-430.

Livara, A., and Hernandez, R. (2022, January). An Empirical Analysis of Machine Learning Techniques in Phishing E-mail detection. In 2022 International Conference for Advancement in Technology (ICONAT) (pp. 1-6). IEEE.

Ansari, M. F., Panigrahi, A., Jakka, G., Pati, A., and Bhattacharya, K. (2022, November). Prevention of Phishing attacks using AI Algorithm. In 2022 2nd Odisha International Conference on Electrical Power Engineering, Communication and Computing Technology (ODICON) (pp. 1-5). IEEE.

Pandey, M. K., Singh, M. K., Pal, S., and Tiwari, B. B. (2022). Prediction of Phishing Websites Using Stacked Ensemble Method and Hybrid Features Selection Method. SN Computer Science, 3(6), 488.

Ali, M. M., Qaseem, M. S., and Rahman, M. A. U. (2020). A survey on deceptive phishing attacks in social networking environments. In Proceedings of the Third International Conference on Computational Intelligence and Informatics: ICCII 2018 (pp. 443-452). Springer Singapore.

ShiraniBidabadi, F., and Wang, S. (2022). A new weighted ensemble model for phishing detection based on feature selection. arXiv e-prints, arXiv-2212.

Bhowmik, P., and Bhowmik, P. C. (2022, October). A Machine Learning Approach for Phishing Websites Prediction with Novel Feature Selection Framework. In Proceedings of International Conference on Fourth Industrial Revolution and Beyond 2021 (pp. 357-370). Singapore: Springer Nature Singapore.

Shaaban, M. A., Hassan, Y. F., &Guirguis, S. K. (2022). Deep convolutional forest: a dynamic deep ensemble approach for spam detection in text. Complex and Intelligent Systems, 1-13.

Catal, C., Giray, G., Tekinerdogan, B., Kumar, S., and Shukla, S. (2022). Applications of deep learning for phishing detection: a systematic literature review. Knowledge and Information Systems, 1-44.

Kwak, Y., Lee, S., Damiano, A., &Vishwanath, A. (2020). Why do users not report spear phishing emails?. Telematics and Informatics, 48, 101343.

Mithra Raj, M., and Arul Jothi, J. A. (2022, October). Website Phishing Detection Using Machine Learning Classification Algorithms. In Applied Informatics: 5th International Conference, ICAI 2022, Arequipa, Peru, October 27–29, 2022, Proceedings (pp. 219-233). Cham: Springer International Publishing.

Shmalko, M., Abuadbba, A., Gaire, R., Wu, T., Paik, H. Y., and Nepal, S. (2022). Profiler: Profile-Based Model to Detect Phishing Emails. arXiv preprint arXiv:2208.08745.

Rao, R. S., Umarekar, A., &Pais, A. R. (2022). Application of word embedding and machine learning in detecting phishing websites. Telecommunication Systems, 79(1), 33-45.

M. Z. Gashti, “Detection of Spam Email by Combining Harmony Search Algorithm and Decision Tree”, Engineering, Technology & Applied Science Research, vol. 7, no. 3, pp. 1713–1718, Jun. 2017.

A. Darem, “Anti-Phishing Awareness Delivery Methods”, Engineering, Technology & Applied Science Research, vol. 11, no. 6, pp. 7944–7949, Dec. 2021.

Naqvi, B., Perova, K., Farooq, A., Makhdoom, I., Oyedeji, S., and Porras, J. (2023). Mitigation Strategies against the Phishing Attacks: A Systematic Literature Review. Computers and Security, 103387.

Greco, F., Desolda, G., and Esposito, A. (2023). Explaining phishing attacks: An XAI approach to enhance user awareness and trust. In Proc. of the Italian Conference on CyberSecurity (ITASEC ‘23).

[26] Roy, S. S., Naragam, K. V., and Nilizadeh, S. (2023). Generating Phishing Attacks using ChatGPT. arXiv preprint arXiv:2305.05133.

Asiri, S., Xiao, Y., Alzahrani, S., Li, S., and Li, T. (2023). A Survey of Intelligent Detection Designs of HTML URL Phishing Attacks. IEEE Access.

Butt, U. A., Amin, R., Aldabbas, H., Mohan, S., Alouffi, B., and Ahmadian, A. (2023). Cloud-based email phishing attack using machine and deep learning algorithm. Complex and Intelligent Systems, 9(3), 3043-3070.

Al Ogaili, R. R. N., and Manickam, S. (2023). A Critical Review: A New Taxonomy for Phishing Attacks Based on Phishing Techniques Used. Wasit Journal for Pure sciences, 2(2), 251-269.

Alabdan, R. (2020). Phishing attacks survey: Types, vectors, and technical approaches. Future internet, 12(10), 168.

Nepal, S., Gurung, H., and Nepal, R. (2022). Phishing URL Detection Using CNN-LSTM and Random Forest Classifier.

Devalla, V., Raghavan, S. S., Maste, S., Kotian, J. D., and Annapurna, D. (2022). murli: A tool for detection of malicious urls and injection attacks. Procedia Computer Science, 215, 662-676.

A. O. Aljahdali, F. Thabit, H. Aldissi, and W. Nagro, “Dynamic Keystroke Technique for a Secure Authentication System based on Deep Belief Nets”, Engineering, Technology & Applied Science Research, vol. 13, no. 3, pp. 10906–10915, Jun. 2023.

Ren, F., Jiang, Z., and Liu, J. (2019, December). A bi-directional lstm model with attention for malicious url detection. In 2019 IEEE 4th Advanced Information Technology, Electronic and Automation Control Conference (IAEAC) (pp. 300-305). IEEE.

Downloads

Published

02.02.2024

How to Cite

Subashini , K., & Narmatha, V. (2024). Deep Learning Empowered Phishing URL Detection: An Exhaustive Approach . International Journal of Intelligent Systems and Applications in Engineering, 12(14s), 213–222. Retrieved from https://ijisae.org/index.php/IJISAE/article/view/4659

Issue

Vol. 12 No. 14s (2024)

Section

Research Article

License

Creative Commons License

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

All papers should be submitted electronically. All submitted manuscripts must be original work that is not under submission at another journal or under consideration for publication in another form, such as a monograph or chapter of a book. Authors of submitted papers are obligated not to submit their paper for publication elsewhere until an editorial decision is rendered on their submission. Further, authors of accepted papers are prohibited from publishing the results in other publications that appear before the paper is published in the Journal unless they receive approval for doing so from the Editor-In-Chief.

IJISAE open access articles are licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. This license lets the audience to give appropriate credit, provide a link to the license, and indicate if changes were made and if they remix, transform, or build upon the material, they must distribute contributions under the same license as the original.