IDENTIFICATION OF PHISHING URLS AND WEBSITES USING ML

Abstract

The internet has become an essential part of our lives. The rise of the internet also opens opportunities to various scams and malicious activities like phishing. Phishing attacks are the practice of sending fraudulent communications that appear to come from a reputable source. Phishers try to deceive their victims by social engineering and creating mockup websites to steal information such as account ID, username, password from individuals and organizations. The identification process encompasses various techniques, including scrutinizing URLs for misspellings, inspecting SSL certificates for secure connections, analyzing website design and content quality, and avoiding unsolicited emails or pop-up windows requesting personal data. Many methods have been proposed to detect phishing websites and URLS yet the phishers have evolved their methodology and have managed to escape from these detection methods. One of the most successful methods for detecting these malicious activities is Machine Learning. This is because most Phishing attacks have some common characteristics which can be identified by machine learning methods. These systems exhibit the capability to adapt to emerging phishing tactics and work efficiently. The proposed approach employs various comparative analyses to select the most efficient algorithm. The anticipated outcome is an effective and adaptable ML-based phishing URL detection system, contributing to the ongoing efforts in safeguarding users from cyber threats. Keywords: Phishing, Cybersquatting, Typosquatting, Gradient boosting algorithm, random forest classifier, CatBoost classifier