Phishing Website Detection Research Articles

Phishing website detection using novel integration of BERT and XLNet with deep learning sequential models

Phishing website detection using novel integration of BERT and XLNet with deep learning sequential models

Unmasking phishers: ML for malicious certificate detection

Phishing attacks increasingly use digital certificates to appear safe to users, and the frequency of such attacks has surged in recent years. As an example, around 80% of the 2021 phishing attacks used digital certificates to appear legitimate. The most common methods today for detecting phishing websites rely on users reporting the websites to phishing repositories, where they are then confirmed. This process can be slow, allowing the attacker to have time to have their phishing attack out on the Internet. Newer methods that implement machine learning models for the detection of phishing websites based on their digital certificate have been shown to be effective. This paper presents a system that uses certificate and domain name related features along with machine learning methods for the detection of phishing websites. To develop the system, data was collected from PhishTank and Tranco for domain names, and Censys was used for certificate retrieval. The domain related features are partly engineered using a time-series based deep learning model to get a vector representation of the domain name. Using the features engineered from the certificate and domain name, classical machine learning classifiers are trained and compared. Enriching the feature set with the vector representation of the domain names results in higher performance in distinguishing suspicious certificates from benign ones, going from an F1-score of 0.77 for a feature set solely based on certificate-related features to a performance of 0.89 with the enriched feature set. A time-based evaluation reflects the same performance with an F1-score of 0.88, which is an improvement compared to existing approaches to feature engineering.

Enhanced Phishing Website Detection Using Dual-Layer CNN and GRU with Attention Mechanism and Lexical NLP Features

Enhanced Phishing Website Detection Using Dual-Layer CNN and GRU with Attention Mechanism and Lexical NLP Features

Models in Review for the Analysis of Phishing Website URLs

In this paper, we compare our method on DEFRAUD with current online API services and the state-of-the-art machine learning model for defending against phishing websites. Rule-based methods, in nature traditional such rules tend to get outdated quickly and are not capable of tracing new tactics used by the malicious ware every second. Over time, new proactive approaches enabled by machine learning (ML) have become more important as these solutions are flexible and adaptable in their ability to scan through modern data breaches for patterns from millions of datasets. In this study, we explore various machine learning algorithms: Logistic Regression (LR), K-Nearest Neighbors (KNN), Decision Trees (DT) Random Forest (RF), Support Vector Classifiers (SVC) and xgBoost for phishing website detection. Ensemble Methods like Random Forest, XGBoost have better accuracy/precision/recall. Metrics. While XGBoost is resource hungry, it is well known for out of the box support with huge data dimensions as well deep learning framework and avoiding overfitting. The study underscores the importance of integrating machine-learning models into practical cybersecurity applications. Future research should focus on improving these models and expanding their application across different domains to enhance cybersecurity defenses.

Ensemble Learning Approach for Phishing Website Detection Using an Optimal Greedy Stacking Model

Ensemble Learning Approach for Phishing Website Detection Using an Optimal Greedy Stacking Model

Phishing Website Detection Using Improved Multilayered Convolutional Neural Networks

Phishing Website Detection Using Improved Multilayered Convolutional Neural Networks

Recognition of Malicious URLs Using Machine Learning

The surge in online activities has heightened the risk of cyber-attacks, with phishing emerging as a notably widespread threat. Conventional phishing detection methods, such as blacklists and heuristic analysis, fall short when it comes to identifying novel and complex phishing schemes. To tackle this issue, we propose a machine learning-based solution for detecting phishing websites. Our model utilizes a combination of features—such as URL structure, domain attributes, and content characteristics—to categorize websites as either phishing or legitimate. The model's outstanding overall accuracy of 96.9% underscores the need to evaluate both precision and recall when determining the effectiveness of machine learning models. The results of this study are significant for developing robust URL classification models and advancing the field of cybersecurity. Future research could aim to improve the model's performance by integrating more features, developing real-time phishing detection systems, and exploring new attributes that can be derived from URLs. Keywords: Phishing, URL, Machine Learning, Classification, Detection

Automatic phishing website detection and prevention model using transformer deep belief network

In the digitally connected world cybersecurity is paramount, phishing where attackers pose as trusted entities to steal sensitive data, looms large. The proliferation of phishing attacks on the internet poses a substantial threat to individuals and organizations, compromising sensitive information and causing financial and reputational damage. This study's goal is to establish an automated system for the early detection and prevention of phishing websites, thereby enhancing online security and protecting users from cyber threats. This research initially employs One Hot Encoding (OHE) mechanism-based pre-processing mechanism that converts every URL string into a numerical vector with a particular dimension. This study utilizes two feature selection techniques which are transfer learning-based feature extraction using DarkNet19 and Variational Autoencoder (VAE) to select the value of the most important feature. The robust security mechanisms are presented to prevent phishing attacks and safeguard personal information on websites. List-based deep learning-based systems to prevent and detect phishing URLs more efficiently. The study proposes a transformer-based Deep Belief Network (TB-DBN), a veritable pre-trained deep transformer network model for phishing behaviour detection. A cross-validation technique with grid search hyper-parameter tuning based on the Intelligence Binary Bat Algorithm (IBBA) was designed using the proposed hybrid model. Predictions were made to classify the phishing URLs using a probabilistic estimation guided boosting classifier model and evaluate their performance in terms of accuracy, precision, recall, specificity, and F1- score. The risk level associated with the URL will be assessed based on various factors, such as the source's reputation, content analysis results, and behavioural anomalies. The computational complexity of DL model training is influenced by various factors, such as the model's complexity, the training data's size, and the optimization algorithm exploited, for training. The outcome demonstrates that tweaking variables increases the effectiveness of Python-based deep learning systems. The findings of the proposed method excel, achieving an accuracy of 99.4 %, precision of 99.2 %, recall of 99.3 %, and an F1-score of 99.2 %. This innovative automatic phishing website detection and prevention model, based on a Transformer-based Deep Belief Network, offers advanced accuracy and adaptability, strengthening cybersecurity measures to safeguard sensitive user information and mitigate the substantial threat of phishing attacks in the digitally connected world.

Comparative Analysis of Nature-Inspired Metaheuristic Techniques for Optimizing Phishing Website Detection

The increasing number, frequency, and sophistication of phishing website-based attacks necessitate the development of robust solutions for detecting phishing websites to enhance the overall security of cyberspace. Drawing inspiration from natural processes, nature-inspired metaheuristic techniques have been proven to be efficient in solving complex optimization problems in diverse domains. Following these successes, this research paper aims to investigate the effectiveness of metaheuristic techniques, particularly Genetic Algorithms (GAs), Differential Evolution (DE), and Particle Swarm Optimization (PSO), in optimizing the hyperparameters of machine learning (ML) algorithms for detecting phishing websites. Using multiple datasets, six ensemble classifiers were trained on each dataset and their hyperparameters were optimized using each metaheuristic technique. As a baseline for assessing performance improvement, the classifiers were also trained with the default hyperparameters. To validate the genuine impact of the techniques over the use of default hyperparameters, we conducted statistical tests on the accuracy scores of all the optimized classifiers. The results show that the GA is the most effective technique, by improving the accuracy scores of all the classifiers, followed by DE, which improved four of the six classifiers. PSO was the least effective, improving only one classifier. It was also found that GA-optimized Gradient Boosting, LGBM and XGBoost were the best classifiers across all the metrics in predicting phishing websites, achieving peak accuracy scores of 98.98%, 99.24%, and 99.47%, respectively.

Phishing Website Detection Using Bidirectional Gated Recurrent Unit Model and Feature Selection

Phishing attacks continue to be a significant threat to internet users, necessitating the development of advanced detection systems. This study explores the efficacy of a Bidirectional Gated Recurrent Unit (BiGRU) model combined with feature selection techniques for detecting phishing websites. The dataset used for this research is sourced from the UCI Machine Learning Repository, specifically the Phishing Websites dataset. This approach involves cleaning and preprocessing the data, then normalizing features and employing feature selection to identify the most relevant attributes for classification. The BiGRU model, known for its ability to capture temporal dependencies in data, is then applied. To ensure robust evaluation, we utilized cross-validation, dividing the data into five folds. The experimental results are highly promising, demonstrating a Mean Accuracy, Mean Precision, Mean Recall, Mean F1 Score, and Mean AUC of 1.0. These results indicate the model's exceptional performance distinguishing between phishing and legitimate websites. This study highlights the potential of combining BiGRU models with feature selection and cross-validation to create highly accurate phishing detection systems, providing a reliable solution to enhance cybersecurity measures.

AccuRapidGuard: Advancing phishing website detection with high performance and efficiency

AccuRapidGuard: Advancing phishing website detection with high performance and efficiency

An empirical study on feature importance and model performance for phishing website detection using a random forest classifier

An empirical study on feature importance and model performance for phishing website detection using a random forest classifier

A Comprehensive Review on an Advanced Machine Learning Approach for Enhancing Phishing Website Detection

Abstract: Phishing attacks continue to pose a significant threat to online security, exploiting user trust to steal sensitive information. This paper presents a comprehensive review of advanced machine learning techniques for enhancing phishing website detection. We analyze recent developments in feature engineering, focusing on content-based, URL-based, and networkbased attributes. Various machine learning algorithms, including supervised and unsupervised learning, are examined, highlighting their strengths and limitations in this domain. Furthermore, we investigate the potential of ensemble methods and deep learning models to improve detection accuracy. Additionally, we address challenges such as concept drift and adversarial attacks, discussing potential mitigation strategies. Finally, we outline future research directions, emphasizing the need for adaptable and real-time detection systems to counter evolving phishing tactics. This review serves as a valuable resource for researchers and practitioners seeking to develop more robust and effective phishing website detection solutions.

Phishing Website Detection using Machine Learning

Phishing attacks are a prevalent threat in cybersecurity, targeting users by tricking them into providing sensitive information through deceptive websites. This project aims to develop a robust method for detecting phishing websites by extracting and analyzing URL features using machine learning techniques. By leveraging various features such as URL length, special characters, subdomains, and suspicious keywords, we aim to build a predictive model that accurately identifies phishing URLs. This paper discusses the methodology, including data collection, preprocessing, feature selection, model training, and evaluation, ultimately highlighting the model's performance and potential applications in real-world scenarios. Keywords— Phishing Detection, Machine learning, Phish Tank

Multi-SpacePhish: Extending the Evasion-space of Adversarial Attacks against Phishing Website Detectors Using Machine Learning

Existing literature on adversarial Machine Learning (ML) focuses either on showing attacks that break every ML model or defenses that withstand most attacks. Unfortunately, little consideration is given to the actual feasibility of the attack or the defense. Moreover, adversarial samples are often crafted in the “feature-space,” making the corresponding evaluations of questionable value. Simply put, the current situation does not allow one to estimate the actual threat posed by adversarial attacks, leading to a lack of secure ML systems. We aim to clarify such confusion in this article. By considering the application of ML for Phishing Website Detection (PWD), we formalize the “evasion-space,” in which an adversarial perturbation can be introduced to fool an ML-PWD—demonstrating that even perturbations in the “feature-space” are useful. Then, we propose a realistic threat model describing evasion attacks against ML-PWD that are cheap to stage, and hence intrinsically more attractive for real phishers. After that, we perform the first statistically validated assessment of state-of-the-art ML-PWD against 12 evasion attacks. Our evaluation shows (i) the true efficacy of evasion attempts that are more likely to occur; and (ii) the impact of perturbations crafted in different evasion-spaces; our realistic evasion attempts induce a statistically significant degradation (3–10% at p < 0.05), and their cheap cost makes them a subtle threat. Notably, however, some ML-PWD are immune to our most realistic attacks ( p = 0.22). Finally, as an additional contribution of this journal publication, we are the first to propose and empirically evaluate the intriguing case wherein an attacker introduces perturbations in multiple evasion-spaces at the same time . These new results show that simultaneously applying perturbations in the problem- and feature-space can cause a drop in the detection rate from 0.95 to 0. Our contribution paves the way for a much-needed re-assessment of adversarial attacks against ML systems for cybersecurity.

A Developed Model Based on Machine Learning Algorithms for Phishing Website Detection

Abstract: Users are accessing websites for many purposes, such as obtaining information about a particular topic, buying items, accessing their accounts, etc. Cybercriminals use phishing websites to attain the sensitive information of the users, like usernames and passwords, credit card details, etc. Detecting phishing websites helps in protecting the information and the money of people. Machine learning algorithms can be applied to detect phishing websites. In this paper, a model based on various machine learning algorithms is developed to detect phishing websites. The machine learning algorithms used in this model are Decision Tree, Random Forest, Extra Trees, K-Nearest Neighbors, Multilayer Perceptron and Support Vector Machine. The dataset of phishing websites is taken from the Kaggle website. The algorithms mentioned above of the developed model are compared together to identify which algorithm has better classification results. The extra trees algorithm offers the best results for accuracy, precision, and F1-Score. This paper also compares the developed model with a previous model that uses the same dataset and relies upon decision tree, random forest, and support vector machine to determine which model has better classification report results. The developed model, depending on the Decision Tree and SVM, offers better classification results than those of the previous models. The developed model is compared with another preceding model relying upon Decision Tree and Random Forest algorithms to determine which model generates better results for accuracy, precision, recall/sensitivity, and F1-Score. The developed model, depending on the Decision Tree, presents better results for accuracy, recall, and F1-Score than the results of accuracy, sensitivity, and F1-Score for the preceding model based on the Decision Tree.

Proactive Phishing Website URL Scanner

The proliferation of phishing attacks represents a critical challenge to cybersecurity, necessitating the development of advanced detection systems. Our project, "Phishing Website Detection Using Machine Learning," aims to address this challenge by leveraging sophisticated machine learning algorithms to meticulously analyze and distinguish phishing websites from legitimate ones. By systematically examining various features and patterns within web content, such as URL anomalies, use of secure protocols, and other distinctive markers, the project seeks to accurately identify and classify phishing attempts. The approach encompasses comprehensive data collection, meticulous preprocessing to enhance data quality, and the employment of diverse machine learning models tailored for optimal performance in real-time detection scenarios. This endeavor not only focuses on enhancing online security measures but also on ensuring user-friendly interaction to facilitate widespread adoption. Through the integration of advanced machine learning techniques and a keen focus on the dynamic nature of cyber threats, this project endeavors to contribute significantly to the proactive defense against phishing attacks, thereby bolstering the integrity and trustworthiness of online spaces. A pivotal aspect of our methodology is the adoption of gradient boosting algorithms, a powerful ensemble learning technique renowned for its effectiveness in handling complex and nonlinear data. By integrating gradient boosting into our analysis, we significantly improve the model's ability to learn from and adapt to the intricacies of phishing website characteristics, ensuring a robust detection mechanism. This advanced algorithm iteratively corrects errors from previous models and combines weak predictors to form a strong predictive model, offering unparalleled accuracy in real-time phishing detection. The choice of gradient boosting reflects our commitment to employing cutting-edge technology to tackle the dynamic and evolving nature of cyber threats, balancing detection sensitivity with minimal false positives to ensure a seamless web experience for users.

DETECTION OF UNHEALTHY WEBSITES USING MACHINE LEARNING

In recent years, advancements in Internet and cloud technologies have led to a signicant increase in electronic trading in which consumers make online purchases and transactions. Accompanying this achievement are vices like unauthorized access to users' sensitive information and damages to enterprise resources. Phishing is one of the familiar attacks that trick users to access malicious content and gain their information. This study aims to develop an efcient machine-learning program to detect phishing websites with high accuracy. Most phishing webpages look identical to the actual web pages and various strategies for detecting phishing websites, such as blacklisting, and heuristics, among others have been suggested. Existing research works showed that the performance of the phishing detection system is limited and there is a demand for intelligent techniques to protect users from cyber-attacks. A Uniform resource locator (URL) detection technique based on a supervised machine learning approach – Naïve Bayes is employed and implemented in Python programming language. The efcacy of this approach was determined on a phishing dataset made up of 7900 malicious and 5800 legitimate sites, respectively. The results show that using the proposed methodology an accuracy of 96% can be achieved by using stacking, ltering along the Naïve Bayes and logistic regression. This study thoroughly investigates the use of machine laearning with features extracted from the URLs and was able to showcase common words for the identication of either phishing (unhealthy) or good websites and proffered a guide to end users against the recent approaches in malicious URLs detection.

Enhancing Phishing Detection: A Novel Hybrid Deep Learning Framework for Cybercrime Forensics

Abstract: Security concerns in internet communication, particularly phishing attacks, pose significant challenges to safeguarding user information. Phishing attacks aim to steal personal data by mimicking legitimate websites, making traditional detection methods less effective. Machine learning-based approaches, though widely used, often struggle with concealed phishing websites and evolving tactics by attackers. Key advancements include the integration of more layers and larger training datasets, along with feature extraction from the Phish Tank dataset. Our proposed model comprises seven layers, culminating in a specialized output layer structure. Experiment results showcase the efficacy of our approach, underscoring its potential to significantly enhance internet security. Furthermore, our model's ability to adapt to highly concealed phishing websites and the dynamic nature of attackers' tactics marks a significant improvement over existing methodologies. By incorporating a comprehensive feature set and leveraging deep learning techniques, our approach achieves state-of-the-art performance in phishing website detection.

Phishing Website Detection

Abstract: Phishing is an online threat where an attacker impersonates an authentic and trustworthy organization to obtain sensitive information from a victim. One example of such is trolling, which has long been considered a problem. However, recent advances in phishing detection, such as machine learning-based methods, have assisted in combatting these attacks. Therefore, this paper develops and compares four models for investigating the efficiency of using machine learning to detect phishing domains. It also compares the most accurate model of the four with existing solutions in the literature. The work carried out in this study is an update in the previous systematic literature surveys with more focus on the latest trends in phishing detection techniques. This study enhances readers' understanding of different types of phishing website detection techniques, the data sets used, and the comparative performance of algorithms used. Our findings show that the model based on the K means clustering is the most accurate of the other four techniques and outperforms other solutions in the literature.