Anti-phishing Techniques Research Articles

Anti-Phishing: A Web Identifier for Spoofed Sites Using Neural Network

Phishing attacks persist as a significant threat to cybersecurity, exploiting deceptive websites to illicitly acquire sensitive user information. Conventional anti-phishing techniques often struggle to keep pace with the evolving sophistication of these attacks. An approach for detecting phishing websites using Long Short-Term Memory (LSTM) networks, a type of recurrent neural network (RNN) known for its ability to capture sequential dependencies in data.Method leverages the temporal dynamics inherent in website content and user interactions to discern between legitimate and phishing websites and constructed a comprehensive data-set comprising diverse samples of legitimate and phishing websites, ensuring the model's ability to generalize across various attack vectors.LSTM-based model exhibits resilience to adversarial evasion techniques commonly employed by attackers, demonstrating robustness in real-world scenarios and conducted extensive analysis to interpret the learned representations captured by the LSTM network, providing insights into the distinguishing features of phishing websites. Key Words:Phishing, Deep Learning,

Detection of Phishing Sites Using Machine Learning Techniques

Phishing is a very commonly occurring attack in which the attacker attempt to get the private information of the user like card details, their passwords their transaction details etc. using fake copy websites. Attackers uses the websites very similar to the original websites and not possible for common people to identify. Phishing is the biggest loop-hole in the cyber world. Phishing became a successful business for phishers. Other than fake websites phishers uses different methods to do this job using messaging, spoofed links to make money and to counter Phishing various method are proposed some anti-phishing techniques are blacklist, whitelist but due to exponential growth on new innovations and technologies these techniques falls a little below as new websites contains dynamically work in it due to that these techniques cannot outperform todays websites.

An Enhanced Anti-Phishing Technique for Social Media Users: A Multilayer Q-Learning Approach

An Enhanced Anti-Phishing Technique for Social Media Users: A Multilayer Q-Learning Approach

A high-accuracy phishing website detection method based on machine learning

The rapid development of e-commerce, e-banking, and social networks has made phishing attack detection one of the most critical technologies in all cyber security systems. To improve the efficiency of anti-phishing techniques, we present an improved predictive model based on machine learning. The proposed method uses six different algorithms; Logistic Regression, K-Nearest Neighbors, Naive Bayes, Random Forest, Support Vector Machine, and Extreme Gradient Boosting (XGBoost). The experiments are based on a public dataset of 58,000 legitimate websites and 30,647 phishing ones, including 112 attributes for each sample. Our evaluations in the feature selection process show that after balancing the dataset and dropping constant features, a noticeable improvement can be achieved. We conducted our evaluation found on eight major unique scenarios. The experimental results of our phishing websites detection (PWD) method indicate remarkable performances in which each algorithm reached an accuracy of more than 93%, and the XGBoost classifier outperforms others with 99.2% overall accuracy, 99.1% precision, 99.4% recall, and 99.1% specificity. In addition, the study achieved optimal run-time of about 1500 ms for the XGBoost algorithm without dimension reduction while using Principal Component Analysis (PCA) reduces it down to just 869 ms. As a result, the proposed approach would be practical in both offline and real-time applications.

Phishing Website Detection Using Machine Learning

Abstract: The growing internet user base and reliance on online platforms have led to a growing concern of phishing attacks. Conventional anti-phishing techniques struggle to keep up with evolving tactics. This research proposes a novel approach using machine learning algorithms to combat phishing attacks in real-time. The dataset includes legitimate and phishing websites, with various attack vectors and strategies. Data preprocessing, feature engineering, and machine learning models are trained on the dataset. The proposed approach achieves high accuracy and outperforms traditional rule-based methods. The ensemble models exhibit superior performance in handling both known and unseen phishing attacks. The real-time nature of the system allows for swift adaptation to new and emerging phishing techniques. The system's low computational overhead ensures seamless operation on various platforms without performance degradation.

Phishing Website Detection using Machine Learning Rules with Cryptography Technique

Phishing, a type of cybersecurity attack aimed at stealing personal information like passwords and credit card numbers, can be mitigated through the use of machine learning techniques for detecting phishing websites. In response, cybersecurity experts are actively seeking reliable and robust detection techniques to identify phishing websites. This research paper focuses on the implementation of machine learning technology for detecting phishing URLs by extracting and analyzing various features from both legitimate and phishing URLs. Support Vector Machine algorithms are employed for this purpose, to identify the most effective algorithm based on accuracy rate, false positive rate, and false negative rate, to enhance phishing detection measures. Cryptography Technique like the RSA algorithm is used to secure encryption method to encrypt the user search data before being stored on the server. The paper further discusses the reasons why ensemble machine learning methods are well-suited for binary phishing classification challenges in real-time detection scenarios, underscoring their efficacy in anti-phishing techniques.

Phishing Website Detection using Multilayer Perceptron

Phishing attacks pose a significant threat in the cyber world, exploiting unsuspecting users through deceptive emails that lead them to malicious websites. To combat this challenge, various deep learning based anti-phishing techniques have been developed. However, these models often suffer from high false positive rates or lower accuracy. In this study, we evaluate the performance of two neural networks, the Autoencoder and Multilayer Perceptron (MLP), using a publicly available dataset to build an efficient phishing detection model. Feature selection was performed through correlation analysis, and the Autoencoder achieved an accuracy of 94.17%, while the MLP achieved 96%. We used hyperparameters for optimization using the Gridsearch CV, resulting in a False Positive Rate (FPR) of 1.3%, outperforming the Autoencoder’s 4.1% FPR. The MLP model was further deployed to determine the legitimacy of websites based on input URLs, demonstrating its usability in real-world scenarios. This research contributes to the development of effective phishing detection models, emphasizing the importance of optimizing neural network architecture for improved accuracy and reduced false positives

Anti-phishing technique based on dynamic image captcha using multi secret sharing scheme

With the cutting-edge improvement of web, online abuses have been increasing rapidly. Phishing is the most widely recognized abuses performed by digital crooks nowadays. It is an activity to steal private data (for example, client names, passwords and Visa data) in an electronic correspondence. It is a sort of fraud with the end goal of monetary benefit and other fake exercises. It utilizes phony websites that resemble genuine ones. Phishing messages might contain links to sites that are contaminated with malware. In this paper, “an anti-phishing approach using multi secret sharing scheme” is implemented as an answer to this problem. Here, Dynamic Image CAPTCHA based verification using multi secret sharing is performed. Image CAPTCHA is divided into two pieces called shares. Multiple secret pictures are revealed by overlapping the same set of shares at different angles. In the proposed approach, shares are of different modes i.e., user’s share is imprinted on a physical transparency while server’s share is in digital mode. By using the proposed approach, websites and end clients can cross confirm their identity.

Anti-Phishing Techniques – A Review of Cyber Defense Mechanisms

Anti-Phishing Techniques – A Review of Cyber Defense Mechanisms

Phishing websites detection using a novel multipurpose dataset and web technologies features

Phishing attacks are one of the most challenging social engineering cyberattacks due to the large amount of entities involved in online transactions and services. In these attacks, criminals deceive users to hijack their credentials or sensitive data through a login form which replicates the original website and submits the data to a malicious server. Many anti-phishing techniques have been developed in recent years, using different resource such as the URL and HTML code from legitimate index websites and phishing ones. These techniques have some limitations when predicting legitimate login websites, since, usually, no login forms are present in the legitimate class used for training the proposed model. Hence, in this work we present a methodology for phishing website detection in real scenarios, which uses URL, HTML, and web technology features. Since there is not any updated and multipurpose dataset for this task, we crafted the Phishing Index Login Websites Dataset (PILWD), an offline phishing dataset composed of 134,000 verified samples, that offers to researchers a wide variety of data to test and compare their approaches. Since approximately three-quarters of collected phishing samples request the introduction of credentials, we decided to crawl legitimate login websites to match the phishing standpoint. The developed approach is independent of third party services and the method relies on a new set of features used for the very first time in this problem, some of them extracted from the web technologies used by the on each specific website. Experimental results show that phishing websites can be detected with 97.95% accuracy using a LightGBM classifier and the complete set of the 54 features selected, when it was evaluated on PILWD dataset.

Predicting User Susceptibility to Phishing Based on Multidimensional Features.

While antiphishing techniques have evolved over the years, phishing remains one of the most threatening attacks on current network security. This is because phishing exploits one of the weakest links in a network system—people. The purpose of this research is to predict the possible phishing victims. In this study, we propose the multidimensional phishing susceptibility prediction model (MPSPM) to implement the prediction of user phishing susceptibility. We constructed two types of emails: legitimate emails and phishing emails. We gathered 1105 volunteers to join our experiment by recruiting volunteers. We sent these emails to volunteers and collected their demographic, personality, knowledge experience, security behavior, and cognitive processes by means of a questionnaire. We then applied 7 supervised learning methods to classify these volunteers into two categories using multidimensional features: susceptible and nonsusceptible. The experimental results indicated that some machine learning methods have high accuracy in predicting user phishing susceptibility, with a maximum accuracy rate of 89.04%. We conclude our study with a discussion of our findings and their future implications.

Hunger Search Optimization with Hybrid Deep Learning Enabled Phishing Detection and Classification Model

Phishing is one of the simplest ways in cybercrime to hack the reliable data of users such as passwords, account identifiers, bank details, etc. In general, these kinds of cyberattacks are made at users through phone calls, emails, or instant messages. The anti-phishing techniques, currently under use, are mainly based on source code features that need to scrape the webpage content. In third party services, these techniques check the classification procedure of phishing Uniform Resource Locators (URLs). Even though Machine Learning (ML) techniques have been lately utilized in the identification of phishing, they still need to undergo feature engineering since the techniques are not well-versed in identifying phishing offenses. The tremendous growth and evolution of Deep Learning (DL) techniques paved the way for increasing the accuracy of classification process. In this background, the current research article presents a Hunger Search Optimization with Hybrid Deep Learning enabled Phishing Detection and Classification (HSOHDL-PDC) model. The presented HSOHDL-PDC model focuses on effective recognition and classification of phishing based on website URLs. In addition, SOHDL-PDC model uses character-level embedding instead of word-level embedding since the URLs generally utilize words with no importance. Moreover, a hybrid Convolutional Neural Network-Long Short Term Memory (HCNN-LSTM) technique is also applied for identification and classification of phishing. The hyperparameters involved in HCNN-LSTM model are optimized with the help of HSO algorithm which in turn produced improved outcomes. The performance of the proposed HSOHDL-PDC model was validated using different datasets and the outcomes confirmed the supremacy of the proposed model over other recent approaches.

Multilayer Stacked Ensemble Learning Model to Detect Phishing Websites

Phishing is a cyber attack that tricks the online users into revealing sensitive information with a fake website imitating a legitimate website. The attackers with stolen credentials not only use them for the targeted website but also can be used for accessing the other popular legitimate websites. There exists many anti-phishing techniques, toolbars, extensions to counter the phishing sites but still the phishing attacks are major concern in the current digital world. In this paper, we propose a multilayered stacked ensemble learning technique which consists of estimators at different layers where the predictions of estimators from current layer are fed as input to the next layer. From the experimental results, it is observed that the proposed model achieved a significant performance when evaluated with different datasets with an accuracy of ranging from 96.79%to 98.90%. The proposed model is evaluated with datasets from UCI(D1), Mendeley 2018(D2) and Mendeley 2020(D3,D4). The proposed model achieved detection rate of 97.76% with D1 dataset, achieved an accuracy of 98.9% with D2 dataset. Finally, the technique is tested with D3 and D4 which resulted in accuracy of 96.79% and 98.43% respectively. Also, the proposed model outperformed baseline models corresponding to datasets with a significant difference in accuracy and F score metrics.

An anti-phishing model based on similarity measurement

Phishing has represented a more noteworthy danger to clients. In the current work, the authors attempted to build up a powerful anti-phishing technique based on hybrid similarity approach combining Cosine and Soft Cosine similarity that measures the resemblance between user query and database. The proposed similarity hybrid is also evaluated against another similarity hybrid comprising of Cosine and Jaccard similarity measure so as to validate the proposed work. Both hybrid similarities are separately fed to validation layer of feed forward back propagation neural network (FFBPNN) to predict phishing and legitimate websites. The performance of the proposed work is evaluated against data set comprising of 3,000 sample files in terms of positive predictive value (PPV), true positive rate (TPR) and F-measure. The comparative analysis demonstrated that the anti-phishing model using proposed similarity hybrid outperformed the cosine and Jaccard similarity hybrid with 0.233%, 0.2833% and 0.258% higher PPV, TPR and F-measure, respectively.

Phishing Website Detection Based on Deep Convolutional Neural Network and Random Forest Ensemble Learning.

Phishing has become one of the biggest and most effective cyber threats, causing hundreds of millions of dollars in losses and millions of data breaches every year. Currently, anti-phishing techniques require experts to extract phishing sites features and use third-party services to detect phishing sites. These techniques have some limitations, one of which is that extracting phishing features requires expertise and is time-consuming. Second, the use of third-party services delays the detection of phishing sites. Hence, this paper proposes an integrated phishing website detection method based on convolutional neural networks (CNN) and random forest (RF). The method can predict the legitimacy of URLs without accessing the web content or using third-party services. The proposed technique uses character embedding techniques to convert URLs into fixed-size matrices, extract features at different levels using CNN models, classify multi-level features using multiple RF classifiers, and, finally, output prediction results using a winner-take-all approach. On our dataset, a 99.35% accuracy rate was achieved using the proposed model. An accuracy rate of 99.26% was achieved on the benchmark data, much higher than that of the existing extreme model.

Intelligent antiphishing framework to detect phishing scam: A hybrid classification approach

ABSTRACTIn the inevitably hi‐tech universe of cybercrimes, one of the major still prevailing methods is the usage of the malicious URLs and creating a Phishing link to obtain user credentials from the people. This method is highly subtle and has more effect on people's lives as well as corporate loss. To identify the malicious URLs, the security community has listed blacklists and benign links online. Still, as the technology is being developed day by day, the attackers try to create new phishing URLs using new social engineering methods that could be easily forged into the user's account. To improve the generality of malicious URL detectors, machine‐learning techniques have been explored with increasing attention in recent years. This article addresses the detection of malicious URLs combining the intelligence of both the heuristic‐based method and the machine learning process. It has been found that there are many possibilities for detecting zero‐day attacks and spear‐phishing attacks when incorporating both lexical features and machine learning methods. Out of the six‐batch learning process analyzed, we implement a decision tree algorithm in our framework with 99.47% accuracy during evaluation. The true positive values gained in our proposed hybrid framework is 99.2% and indicate <1% of the false‐positive values. The implementation shows a precision level higher than the previous model developed and by other antiphishing techniques. A high detection rate on zero‐day and spear‐phishing attacks and overall results reveal that our system outclasses the current approach to detecting phishing scams.

A hybrid DNN-LSTM model for detecting phishing URLs.

Phishing is an attack targeting to imitate the official websites of corporations such as banks, e-commerce, financial institutions, and governmental institutions. Phishing websites aim to access and retrieve users’ important information such as personal identification, social security number, password, e-mail, credit card, and other account information. Several anti-phishing techniques have been developed to cope with the increasing number of phishing attacks so far. Machine learning and particularly, deep learning algorithms are nowadays the most crucial techniques used to detect and prevent phishing attacks because of their strong learning abilities on massive datasets and their state-of-the-art results in many classification problems. Previously, two types of feature extraction techniques [i.e., character embedding-based and manual natural language processing (NLP) feature extraction] were used in isolation. However, researchers did not consolidate these features and therefore, the performance was not remarkable. Unlike previous works, our study presented an approach that utilizes both feature extraction techniques. We discussed how to combine these feature extraction techniques to fully utilize from the available data. This paper proposes hybrid deep learning models based on long short-term memory and deep neural network algorithms for detecting phishing uniform resource locator and evaluates the performance of the models on phishing datasets. The proposed hybrid deep learning models utilize both character embedding and NLP features, thereby simultaneously exploiting deep connections between characters and revealing NLP-based high-level connections. Experimental results showed that the proposed models achieve superior performance than the other phishing detection models in terms of accuracy metric.

A survey on anti-phishing techniques: From conventional methods to machine learning

A survey on anti-phishing techniques: From conventional methods to machine learning

Taxonomy of Cybersecurity Awareness Delivery Methods: A Countermeasure for Phishing Threats

Phishing is a serious threat to the Internet users and has become a vehicle for cybercriminals to perpetrate large-scale crimes worldwide. A wide range of technical and educational measures have been developed and used to address phishing threats. However, the technical anti-phishing measures have been widely studied in the current literature whereas comprehensive analysis of the non-technical anti-phishing techniques has generally been ignored. To close this gap, we develop a new taxonomy of the most common cybersecurity training delivery methods and compare them along various factors. The work reported in this paper is useful for various stakeholders. For organizations conducting or considering phishing training, it helps them understand the various awareness training and phishing campaigns capabilities and design an appropriate program with a meaningful return. For researchers, it offers a clearer understanding of the main challenges, the existing solution space, and the potential scope of future research to be addressed.

Enhanced Classification Method for Phishing Emails Detection

Emails are currently the main communication method worldwide as it proven in its efficiency. Phishing emails in the other hand is one of the major threats which results in significant losses, estimated at billions of dollars. Phishing emails is a more dynamic problem, a struggle between the phishers and defenders where the phishers have more flexibility in manipulating the emails features and evading the anti-phishing techniques. Many solutions have been proposed to mitigate the phishing emails impact on the targeted sectors, but none have achieved 100% detection and accuracy. As phishing techniques are evolving, the solutions need to be evolved and generalized in order to mitigate as much as possible. This article presents a new emergent classification model based on hybrid feature selection method that combines two common feature selection methods, Information Gain and Genetic Algorithm that keep only significant and high-quality features in the final classifier. The Proposed hybrid approach achieved 98.9% accuracy rate against phishing emails dataset comprising 8266 instances and results depict enhancement by almost 4%. Furthermore, the presented technique has contributed to reducing the search space by reducing the number of selected features.