Detection of phishing websites using an efficient feature-based machine learning framework

In this cyber world, most people communicate with each other either through a computer or a digital device connected over the Internet. The number of people using e-banking, online shopping and other online services has been increasing due to the availability of convenience, comfort, and assistance. An attacker takes this situation as an opportunity to gain money or fame and steals sensitive information needed to access the online service websites. Phishing is one of the ways to steal sensitive information from users. It is carried out with a mimicked page of a legitimate site, directing online users into providing sensitive information.

Abstract

Phishing is a cyber-attack that targets naive online users tricking into revealing sensitive information such as username, password, social security number or credit card number, etc. Attackers fool the Internet users by masking webpage as a trustworthy or legitimate page to retrieve personal information.

There are many anti-phishing solutions such as blacklist or whitelist, heuristic and visual similarity-based methods proposed to date, but online users are still getting trapped into revealing sensitive information in phishing websites. In this paper, we propose a novel classification model, based on heuristic features that are extracted from URL, source code, and third-party services to overcome the disadvantages of existing anti-phishing techniques.

Our model has been evaluated using eight different machine learning algorithms and out of which, the Random Forest (RF) algorithm performed the best with an accuracy of 99.31%. The experiments were repeated with different (orthogonal and oblique) random forest classifiers to find the best classifier for the phishing website detection. Principal component analysis Random Forest (PCA-RF) performed the best out of all oblique Random Forests (oRFs) with an accuracy of 99.55%.

We have also tested our model with the third-party-based features and without third-party-based features to determine the effectiveness of third-party services in the classification of suspicious websites. We also compared our results with the baseline models (CANTINA and CANTINA+). Our proposed technique outperformed these methods and also detected zero-day phishing attacks.

By Routhu Srinivasa Rao & Alwyn Roshan Pais

Source: https://link.springer.com/article/10.1007%2Fs00521-017-3305-0

You May Also Like

Leave a Reply

Your email address will not be published. Required fields are marked *