Abstract

Phishing is constantly growing to be one of the most adopted tools for conducting cyber-attacks. Recent statistics indicated that 97% of users could not recognize a sophisticated phishing email. With over 1.5 million new phishing websites being created every month, legacy black lists and rule-based filters can no longer mitigate the increasing risks and sophistication level of phishing. Phishing can deploy various malicious payloads that compromise the network’s security. In this context, machine learning can play a crucial role in adapting the capabilities of computer networks to recognize current and evolving phishing patterns. In this paper, we present PhishNot, a phishing URL detection system based on machine learning. Hence, our work uses a primarily ”learning from data” driven approach, validated with a representative scenario and dataset. The input features were reduced to 14 to assure the system’s practical applicability. Experiments showed that Random Forest presented the best performance with a very high accuracy of 97.5%. Furthermore, the design of our system also lends itself to being more adoptable in practice through a combination of high phishing detection rate and high speed (an average of 11.5μs per URL) when deployed on the cloud.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.