An application for predicting phishing attacks: A case of implementing a support vector machine learning model

Abstract

The imminent threat that phishing websites poses is a major concern for internet users worldwide. These fraudulent websites are crafted by cyber attackers to appear trustworthy and deceive vulnerable users into divulging confidential data like medical health records, credit card details, passwords, and Personal Identifiable information (PII). To bait their victims, cybercriminals employ tactics such as social engineering, spear-phishing attacks, and email phishing scams. As a result, unsuspecting individuals may be enticed to visit these websites, putting their sensitive information at risk. This work presents an application designed to predict phishing attacks after comparing polynomial and radial basis function of support vector machine (SVM). The proposed application leverages a dataset of known legitimate, suspicious and phishing attacks stored in a database and employs an SVM algorithm for classification based on user input. The application provides a user-friendly graphical user interface (GUI) that allows reporting of new phishing incidents based on the features that have strong relationship in determining if a website is phishing or not. The proposed application utilizes the inherent scalability of database technology to support record expansion whenever there is an instance of a user initiating phishing prediction thereby, making it suitable for use in a wide range of organizational settings.