Open Access
Subscription Access
Open Access
Subscription Access
Effectiveness of Machine Learning Techniques in Phishing Detection
Subscribe/Renew Journal
The Internet has become an indispensable part of our life, However, It also has provided opportunities to anonymously perform malicious activities like Phishing. Phishers try to deceive their victims by social engineering or creating mock-up websites to steal information such as account ID, username, password from individuals and organizations. Although many methods have been proposed to detect phishing websites, Phishers have evolved their methods to escape from these detection methods. One of the most successful methods for detecting these malicious activities is Machine Learning. This is because most Phishing attacks have some common characteristics which can be identified by machine learning methods. In this paper, we compared the results of multiple machine learning methods for predicting phishing websites.
Keywords
Classification, Cybercrime, Machine-learning, Phishing.
Subscription
Login to verify subscription
User
Font Size
Information
- FBI, “Ic3 annual report released.” [2] APWG, “Phishing activity trends report.” [3] V. Bhavsar, A. Kadlak, and S. Sharma, “Study on phishing attacks,” International Journal of Computer Applications, vol. 182, no. 33, pp. 27-29, 2018.
- I.-F. Lam, W.-C. Xiao, S.-C. Wang, and K.-T. Chen, “Counteracting phishing page polymorphism: An image layout analysis approach,” in International Conference on Information Security and Assurance, Springer, 2009, pp. 270-279.
- W. Jing, “Covert redirect vulnerability,” 2017.
- K. Krombholz, H. Hobel, M. Huber, and E. Weippl, “Advanced social engineering attacks,” Journal of Information Security and Applications, vol. 22, pp. 113-122, 2015.
- P. Kumaraguru, J. Cranshaw, A. Acquisti, L. Cranor, J. Hong, M. A. Blair, and T. Pham, “School of phish: A real-world evaluation of antiphishing training,” in Proceedings of the 5th Symposium on Usable Privacy and Security, 2009, pp. 1-12.
- R. C. Dodge Jr., C. Carver, and A. J. Ferguson, “Phishing for user security awareness,” Computers & Security, vol. 26, no. 1, pp. 73-80, 2007.
- R. Dhamija, J. D. Tygar, and M. Hearst, “Why phishing works,” in Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, 2006, pp. 581-590.
- C. Ludl, S. McAllister, E. Kirda, and C. Kruegel, “On the effectiveness of techniques to detect phishing sites,” in International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, Springer, 2007, pp. 20-39.
- A. P. Rosiello, E. Kirda, F. Ferrandi, et al., “A layout-similarity-based approach for detecting phishing pages,” in 2007 3rd International Conference on Security and Privacy in Communications Networks and the Workshops-Secure Comm 2007, IEEE, 2007, pp. 454-463.
- S. Afroz, and R. Greenstadt, “Phishzoo: Detecting phishing websites by looking at them,” in 2011 IEEE 5th International Conference on Semantic Computing, IEEE, 2011, pp. 368-375.
- K.-T. Chen, J.-Y. Chen, C.-R. Huang, and C.-S. Chen, “Fighting phishing with discriminative keypoint features,” IEEE Internet Computing, vol. 13, no. 3, pp. 56-63, 2009.
- A. K. Jain, and B. B. Gupta, “Phishing detection: Analysis of visual similarity based approaches,” Security and Communication Networks, vol. 2017, 2017.
- R. S. Rao, and S. T. Ali, “A computer vision technique to detect phishing attacks,” in 2015 5th International Conference on Communication Systems and Network Technologies, IEEE, 2015, pp. 596-601.
- B. B. Gupta, N. A. Arachchilage, and K. E. Psannis, “Defending against phishing attacks: Taxonomy of
- methods, current issues and future directions,” Telecommunication Systems, vol. 67, no. 2, pp. 247-267, 2018.
- A. Karatzoglou, D. Meyer, and K. Hornik, “Support vector machines in r,” Journal of Statistical Software, vol. 15, no. 9, pp. 1-28, 2006.
- L. Breiman, “Random forests,” Machine Learning, vol. 45, no. 1, pp. 5-32, 2001.
- T. Hastie, S. Rosset, J. Zhu, and H. Zou, “Multi-class adaboost,” Statistics and its Interface, vol. 2, no. 3, pp. 349-360, 2009.
- J. H. Friedman, “Stochastic gradient boosting,” Computational Statistics & Data Analysis, vol. 38, no. 4, pp. 367-378, 2002.
- T. Chen, and C. Guestrin, “Xgboost: A scalable tree boosting system,” in Proceedings of the 22nd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, 2016, pp. 785-794.
- I. Goodfellow, Y. Bengio, and A. Courville, Deep Learning. MIT Press, 2016.
- R. M. Mohammad, F. Thabtah, and L. McCluskey, “Phishing websites features,” School of Computing and Engineering, University of Huddersfield, 2015.
Abstract Views: 180
PDF Views: 0