Machine Learning and Nature Inspired Based Phishing Detection: A Literature Survey

Abstract

Phishing detection remains one of the most challenging problems currently faced by cyber users as sophisticated phishing schemes evolves rapidly. This paper presents a comprehensive survey of different phishing detection techniques with a focus of identifying gaps and proffering solutions to the current phishing detection problems. As shown in the survey, numerous techniques have been proposed to tackle phishing, including Machine Learning (ML) based, Nature Inspired (NI) based, heuristic-based, blacklist-based and whitelist-based techniques. However, ML-based techniques outperform other techniques in terms of classification accuracy due to their ability to analyze data contents, extract unknown or concealed patterns from the data and consequently turn the patterns into meaningful information for decision making. Unfortunately, ML algorithms cannot effectively handle big datasets, hence they can be combined with NI algorithms to build fast and improved models for phishing detection. Although, some surveys on phishing detection techniques exist, very few focused on ML-based and NI-based techniques. Therefore, this study presents a survey on ML-based and NI-based phishing detection techniques. The survey reveals the various shortcomings of phishing detection techniques, including limited dataset, use of third-party services (age of domain, search engine query, etc.), use of small feature set, use of classification rules, use of blacklist and whitelist, etc. There is an obvious need for efficient and reliable solutions for phishing detection. The recent success and prevalence of deep learning provides a rare opportunity for researchers seeking to design improved and effective phishing detection techniques. This study aims to empower the research community with suitable solutions and motivating insights that can be used to effectively tackle the phishing detection problem. It provides a good picture of the current state-of-the-art on phishing detection and serves as a reliable springboard for further studies.