Abstract
Phishing is a type of fraud attempt in which the attacker, usually by e-mail, pretends to be a trusted person or entity in order to obtain sensitive information from a target. Most recent phishing detection researches have focused on obtaining highly distinctive features from the metadata and text of these e-mails. The obtained attributes are then used to feed classification algorithms in order to determine whether they are phishing or legitimate messages. In this paper, it is proposed an approach based on machine learning to detect phishing e-mail attacks. The methods that compose this approach are performed through a feature engineering process based on natural language processing, lemmatization, topics modeling, improved learning techniques for resampling and cross-validation, and hyperparameters configuration. The first proposed method uses all the features obtained from the Document-Term Matrix (DTM) in the classification algorithms. The second one uses Latent Dirichlet Allocation (LDA) as a operation to deal with the problems of the “curse of dimensionality”, the sparsity, and the text context portion included in the obtained representation. The proposed approach reached marks with an F1-measure of 99.95% success rate using the XGBoost algorithm. It outperforms state-of-the-art phishing detection researches for an accredited data set, in applications based only on the body of the e-mails, without using other e-mail features such as its header, IP information or number of links in the text.
Highlights
According to [1], in 2019, the total number of e-mails transacted every day exceeds half-trillion, and about 80% of this e-mail traffic is spam messages
Our proposal achieved measures with a 99.95% success rate using the XGBoost algorithm
To the best of our knowledge, the highest result in phishing detection researches for an accredited data set basing only on the body of the e-mails, not taking into account other e-mail features such as its header, IP information or number of links on the e-mail body
Summary
According to [1], in 2019, the total number of e-mails transacted every day exceeds half-trillion, and about 80% of this e-mail traffic is spam messages Some of these spam messages are just legitimate marketing e-mails, in this amount, there are malicious e-mails through which sensitive information can be exposed or subtracted. Cial frauds and hacked or hijacked systems, accounts, or profiles These malicious messages are denominated phishing e-mails. In this type of fraud attempts, the attacker pretends to be a trusted person or entity, and through this false impersonation tries to obtain sensitive information from a target [2], [3].
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
