Survey and Analysis on AI Based Phishing Detection Techniques

Phishing is one of the major challenges faced by the world of e-commerce today. Thanks to phishing attacks, billions of dollars have been lost by many companies and individuals. In 2012, an online report put the loss due to phishing attack at about $1.5 billion. This global impact of phishing attacks will continue to be on the increase and thus requires more efficient phishing detection techniques to curb the menace. This paper investigates and reports the use of random forest machine learning algorithm in classification of phishing attacks, with the major objective of developing an improved phishing email classifier with better prediction accuracy and fewer numbers of features. From a dataset consisting of 2000 phishing and ham emails, a set of prominent phishing email features (identified from the literature) were extracted and used by the machine learning algorithm with a resulting classification accuracy of 99.7% and low false negative (FN) and false positive (FP) rates.

Download Full-text

Machine Learning and Nature Inspired Based Phishing Detection: A Literature Survey

International Journal of Artificial Intelligence Tools ◽

10.1142/s0218213019300023 ◽

2019 ◽

Vol 28 (05) ◽

pp. 1930002 ◽

Cited By ~ 1

Author(s):

Andronicus A. Akinyelu

Keyword(s):

Machine Learning ◽

Third Party ◽

Good Picture ◽

Detection Techniques ◽

Recent Success ◽

Current State ◽

Comprehensive Survey ◽

Small Feature ◽

Phishing Detection ◽

Rare Opportunity

Phishing detection remains one of the most challenging problems currently faced by cyber users as sophisticated phishing schemes evolves rapidly. This paper presents a comprehensive survey of different phishing detection techniques with a focus of identifying gaps and proffering solutions to the current phishing detection problems. As shown in the survey, numerous techniques have been proposed to tackle phishing, including Machine Learning (ML) based, Nature Inspired (NI) based, heuristic-based, blacklist-based and whitelist-based techniques. However, ML-based techniques outperform other techniques in terms of classification accuracy due to their ability to analyze data contents, extract unknown or concealed patterns from the data and consequently turn the patterns into meaningful information for decision making. Unfortunately, ML algorithms cannot effectively handle big datasets, hence they can be combined with NI algorithms to build fast and improved models for phishing detection. Although, some surveys on phishing detection techniques exist, very few focused on ML-based and NI-based techniques. Therefore, this study presents a survey on ML-based and NI-based phishing detection techniques. The survey reveals the various shortcomings of phishing detection techniques, including limited dataset, use of third-party services (age of domain, search engine query, etc.), use of small feature set, use of classification rules, use of blacklist and whitelist, etc. There is an obvious need for efficient and reliable solutions for phishing detection. The recent success and prevalence of deep learning provides a rare opportunity for researchers seeking to design improved and effective phishing detection techniques. This study aims to empower the research community with suitable solutions and motivating insights that can be used to effectively tackle the phishing detection problem. It provides a good picture of the current state-of-the-art on phishing detection and serves as a reliable springboard for further studies.

Download Full-text

URL Based Phishing Detection

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.a2657.059120 ◽

2020 ◽

Vol 9 (1) ◽

pp. 1872-1875

Keyword(s):

Machine Learning ◽

Data Collection ◽

Personal Information ◽

Model Testing ◽

Data Availability ◽

Suggested Approach ◽

Detection Techniques ◽

Model Consistency ◽

Phishing Detection ◽

Accuracy Data

Damage caused due to phishing attacks is that which targets the user's personal information. Phishing includes sending a user an email, or causing a phishing page to steal personal information from a user. Blacklist-based detection techniques can detect this form of attack; however, these approaches have certain limitations, and the number of people affecting have continued to grow. The aim of a technique for phishing detection using machine learning to identify each URL into either a legitimate URL or a phished URL. Data availability here in this proposed solution is the key to executing the solution and if there is any issue with data availability it can cost the project accuracy. Data used for model testing must be reliable and appropriate to almost identify all the websites that the user wants to check. Model consistency is another factor that may trigger project failure so the model has to be accurate in determining a true identity of URLs. This technique employs features of a standardized resource locator (URL). The features have been defined which contain URLs for the phishing site. The suggested approach employs certain characteristics to detect phishing. The strategy was tested with a data collection of 3,000 URLs for the phishing site and 3,000 valid URLs for the site. The findings show that more than 90 percent of phishing sites can be identified by the proposed technique

Download Full-text

Robust Phishing Detection Against Adversaries

WSEAS TRANSACTIONS ON COMPUTER RESEARCH ◽

10.37394/232018.2022.10.1 ◽

2022 ◽

Vol 10 ◽

pp. 1-8

Author(s):

Saad Al-Ahmadi

Keyword(s):

Neural Network ◽

Convolutional Neural Network ◽

State Of The Art ◽

Model Performance ◽

Predicting Model ◽

Detection Techniques ◽

Mutation Strategy ◽

Phishing Detection

Phishing websites have grown more recently than ever, and they become more intelligent, even against well-designed phishing detection techniques. Formerly, we have proposed in the literature a state-of-the-art URL-exclusive phishing detection solution based on Convolutional Neural Network (CNN) model, which we referred as PUCNN model. Phishing detection is adversarial as the phisher may attempt to avoid the detection. This adversarial nature makes standard evaluations less useful in predicting model performance in such adversarial situations. We aim to improve PUCNN by addressing the adversarial nature of phishing detection with a restricted adversarial scenario, as PUCNN has shown that an unrestricted attacker dominates. To evaluate this adversarial scenario, we present a parameterized text-based mutation strategy used for generating adversarial samples. These parameters tune the attacker’s restrictions. We have focused on text-based mutation due to our focus on URL-exclusive models. The PUCNN model generally showed robustness and performed well when the parameters were low, which indicates a more restricted attacker.

Download Full-text

A Case-Based Reasoning Approach for Automatic Adaptation of Classifiers in Mobile Phishing Detection

Journal of Computer Networks and Communications ◽

10.1155/2019/7198435 ◽

2019 ◽

Vol 2019 ◽

pp. 1-14

Author(s):

San Kyaw Zaw ◽

Sangsuree Vasupongayya

Keyword(s):

Concept Drift ◽

Case Based Reasoning ◽

Sensitive Information ◽

Design Decision ◽

Detection Techniques ◽

Android Apps ◽

Detection Approach ◽

Proposed Model ◽

Phishing Detection ◽

Case Based

Currently, the smartphone contains lots of sensitive information. The increasing number of smartphone usage makes it more interesting for phishers. Existing phishing detection techniques are performed on their specific features with selected classifiers to get their best accuracy. An effective phishing detection approach is required to adapt the concept drift of mobile phishing and prevent degradation in accuracy. In this work, an adaptive phishing detection approach based on case-based reasoning technique is proposed to handle the concept drift challenge in phishing apps. Several experiments are conducted in order to demonstrate the design decision of our proposed model. The proposed model is evaluated with a large feature set containing 1,065 features from 10 different categories. These features are extracted from more than 10,000 android applications. Five combinations of features are created in order to mimic new real-world Android apps to evaluate our experiments. Moreover, a reduced feature set is also studied in this work in order to improve the efficiency of the proposed model. Both accuracy and efficiency of the proposed model are evaluated. The experimental results show that our proposed model achieves acceptable accuracy and efficiency for the phishing detection.

Download Full-text

Phishing Detection: Analysis of Visual Similarity Based Approaches

Security and Communication Networks ◽

10.1155/2017/5421046 ◽

2017 ◽

Vol 2017 ◽

pp. 1-20 ◽

Cited By ~ 34

Author(s):

Ankit Kumar Jain ◽

B. B. Gupta

Keyword(s):

Solution Space ◽

Threshold Value ◽

Visual Similarity ◽

Future Research ◽

Detection Techniques ◽

Detection Analysis ◽

Phishing Attacks ◽

Text Content ◽

Phishing Detection ◽

Financial Losses

Phishing is one of the major problems faced by cyber-world and leads to financial losses for both industries and individuals. Detection of phishing attack with high accuracy has always been a challenging issue. At present, visual similarities based techniques are very useful for detecting phishing websites efficiently. Phishing website looks very similar in appearance to its corresponding legitimate website to deceive users into believing that they are browsing the correct website. Visual similarity based phishing detection techniques utilise the feature set like text content, text format, HTML tags, Cascading Style Sheet (CSS), image, and so forth, to make the decision. These approaches compare the suspicious website with the corresponding legitimate website by using various features and if the similarity is greater than the predefined threshold value then it is declared phishing. This paper presents a comprehensive analysis of phishing attacks, their exploitation, some of the recent visual similarity based approaches for phishing detection, and its comparative study. Our survey provides a better understanding of the problem, current solution space, and scope of future research to deal with phishing attacks efficiently using visual similarity based approaches.

Download Full-text

Exquisite Analysis of Popular Machine Learning–Based Phishing Detection Techniques for Cyber Systems

Journal of Applied Security Research ◽

10.1080/19361610.2020.1816440 ◽

2020 ◽

pp. 1-25

Author(s):

Meenakshi Das ◽

Sowmya Saraswathi ◽

Rashmi Panda ◽

Alekha Kumar Mishra ◽

Asis Kumar Tripathy

Keyword(s):

Machine Learning ◽

Detection Techniques ◽

Phishing Detection

Download Full-text