Content Based Phishing Detection with Machine Learning

Phishing is one of the most common threats that users face while browsing the web. In the current threat landscape, a targeted phishing attack (i.e., spear phishing) often constitutes the first action of a threat actor during an intrusion campaign. To tackle this threat, many data-driven approaches have been proposed, which mostly rely on the use of supervised machine learning under a single-layer approach. However, such approaches are resource-demanding and, thus, their deployment in production environments is infeasible. Moreover, most previous works utilise a feature set that can be easily tampered with by adversaries. In this paper, we investigate the use of a multi-layered detection framework in which a potential phishing domain is classified multiple times by models using different feature sets. In our work, an additional classification takes place only when the initial one scores below a predefined confidence level, which is set by the system owner. We demonstrate our approach by implementing a two-layered detection system, which uses supervised machine learning to identify phishing attacks. We evaluate our system with a dataset consisting of active phishing attacks and find that its performance is comparable to the state of the art.

Download Full-text

An Adaptive Machine Learning Based Approach for Phishing Detection Using Hybrid Features

2019 5th International Conference on Web Research (ICWR) ◽

10.1109/icwr.2019.8765265 ◽

2019 ◽

Cited By ~ 4

Author(s):

Mohammad Mehdi Yadollahi ◽

Farzaneh Shoeleh ◽

Elham Serkani ◽

Afsaneh Madani ◽

Hossein Gharaee

Keyword(s):

Machine Learning ◽

Hybrid Features ◽

Phishing Detection

Download Full-text

Detecting Phishing Website Using Machine Learning

International Journal of Advanced Research in Science, Communication and Technology ◽

10.48175/ijarsct-1082 ◽

2021 ◽

pp. 16-19

Author(s):

Aarti Chile ◽

Mrunal Jadhav ◽

Shital Thakare ◽

Prof. Yogita Chavan

Keyword(s):

Machine Learning ◽

Electronic Communication ◽

Personal Information ◽

Learning Algorithms ◽

Machine Learning Algorithms ◽

Uniform Resource Locator ◽

Debit Card ◽

Maximum Accuracy ◽

Phishing Detection

A fraud attempt to get sensitive and personal information like password, username, and bank details like credit/debit card details by masking as a reliable organization in electronic communication. The phishing website will appear the same as the legitimate website and directs the user to a page to enter personal details of the user on the fake website. Through machine learning algorithms one can improve the accuracy of the prediction. The proposed method predicts the URL based phishing websites based on features and also gives maximum accuracy. This method uses uniform resource locator (URL) features. We identified features that phishing site URLs contain. The proposed method employs those features for phishing detection. The proposed system predicts the URL based phishing websites with maximum accuracy.

Download Full-text

Evaluation of state-of-art phishing detection strategies based on machine learning

Investigación en Ciberseguridad - Colección Jornadas y Congresos ◽

10.18239/jornadas_2021.34.06 ◽

2021 ◽

Author(s):

F. Castaño ◽

M. Sánchez-Paniagua ◽

J. Delgado ◽

J. Velasco-Mata ◽

A. Sepúlveda ◽

...

Keyword(s):

Machine Learning ◽

Phishing Detection ◽

Detection Strategies ◽

State Of Art

Download Full-text

MMSPhiD: a phoneme based phishing verification model for persons with visual impairments

Information and Computer Security ◽

10.1108/ics-12-2017-0091 ◽

2018 ◽

Vol 26 (5) ◽

pp. 613-636 ◽

Cited By ~ 2

Author(s):

Gunikhan Sonowal ◽

KS Kuppusamy

Keyword(s):

Machine Learning ◽

Design Methodology ◽

Practical Implication ◽

Visual Impairments ◽

Similarity Metrics ◽

Content Type ◽

Proposed Model ◽

Verification Model ◽

Phishing Detection ◽

Metrics Model

Purpose This paper aims to propose a model entitled MMSPhiD (multidimensional similarity metrics model for screen reader user to phishing detection) that amalgamates multiple approaches to detect phishing URLs. Design/methodology/approach The model consists of three major components: machine learning-based approach, typosquatting-based approach and phoneme-based approach. The major objectives of the proposed model are detecting phishing URL, typosquatting and phoneme-based domain and suggesting the legitimate domain which is targeted by attackers. Findings The result of the experiment shows that the MMSPhiD model can successfully detect phishing with 99.03 per cent accuracy. In addition, this paper has analyzed 20 leading domains from Alexa and identified 1,861 registered typosquatting and 543 phoneme-based domains. Research limitations/implications The proposed model has used machine learning with the list-based approach. Building and maintaining the list shall be a limitation. Practical implication The results of the experiments demonstrate that the model achieved higher performance due to the incorporation of multi-dimensional filters. Social implications In addition, this paper has incorporated the accessibility needs of persons with visual impairments and provides an accessible anti-phishing approach. Originality/value This paper assists persons with visual impairments on detection phoneme-based phishing domains.

Download Full-text