Ammar Odeh,Qasem Abu Al-Haija,Abdullah Aref,Anas Abu Taleb

DOI: https://doi.org/10.58346/jisis.2023.i4.001

2023-12-02

Abstract:Phishing via URLs involves cyber attackers crafting deceptive websites or emails, mimicking genuine entities like banks or social media outlets. The objective is to dupe users into divulging personal data, such as their passwords or card numbers. This study assesses the potential of machine learning in identifying phishing domains by constructing and contrasting three distinct models. These models, crafted using CatBoost, XGBoost, and LightGBM techniques, are then juxtaposed against prior solutions documented in academic literature. We employed the UCI phishing domains dataset, sourced from URLs, as a performance benchmark for our models. Findings indicate that the model built on CatBoost outperforms its counterparts and also surpasses earlier documented methods.

Luka Jovanovic,Dijana Jovanovic,Milos Antonijevic,Bosko Nikolic,Nebojsa Bacanin,Miodrag Zivkovic,Ivana Strumberger

DOI: https://doi.org/10.13052/jwe1540-9589.2237

2023-07-03

Journal of Web Engineering

Abstract:In the last few decades, the World Wide Web has become a necessity that offers numerous services to end users. The number of online transactions increases daily, as well as that of malicious actors. Machine learning plays a vital role in the majority of modern solutions. To further improve Web security, this paper proposes a hybrid approach based on the eXtreme Gradient Boosting (XGBoost) machine learning model optimized by an improved version of the well-known metaheuristics algorithm. In this research, the improved firefly algorithm is employed in the two-tier framework, which was also developed as part of the research, to perform both the feature selection and adjustment of the XGBoost hyper-parameters. The performance of the introduced hybrid model is evaluated against three instances of well-known publicly available phishing website datasets. The performance of novel introduced algorithms is additionally compared against cutting-edge metaheuristics that are utilized in the same framework. The first two datasets were provided by Mendeley Data, while the third was acquired from the University of California, Irvine machine learning repository. Additionally, the best performing models have been subjected to SHapley Additive exPlanations (SHAP) analysis to determine the impact of each feature on model decisions. The obtained results suggest that the proposed hybrid solution achieves a superior performance level in comparison to other approaches, and that it represents a perspective solution in the domain of web security.

computer science, theory & methods, software engineering

Saleem Raja Abdul Samad,Sundarvadivazhagan Balasubaramanian,Amna Salim Al-Kaabi,Bhisham Sharma,Subrata Chowdhury,Abolfazl Mehbodniya,Julian L. Webber,Ali Bostani

DOI: https://doi.org/10.3390/electronics12071642

IF: 2.9

2023-03-31

Electronics

Abstract:Phishing leverages people's tendency to share personal information online. Phishing attacks often begin with an email and can be used for a variety of purposes. The cybercriminal will employ social engineering techniques to get the target to click on the link in the phishing email, which will take them to the infected website. These attacks become more complex as hackers personalize their fraud and provide convincing messages. Phishing with a malicious URL is an advanced kind of cybercrime. It might be challenging even for cautious users to spot phishing URLs. The researchers displayed different techniques to address this challenge. Machine learning models improve detection by using URLs, web page content and external features. This article presents the findings of an experimental study that attempted to enhance the performance of machine learning models to obtain improved accuracy for the two phishing datasets that are used the most commonly. Three distinct types of tuning factors are utilized, including data balancing, hyper-parameter optimization and feature selection. The experiment utilizes the eight most prevalent machine learning methods and two distinct datasets obtained from online sources, such as the UCI repository and the Mendeley repository. The result demonstrates that data balance improves accuracy marginally, whereas hyperparameter adjustment and feature selection improve accuracy significantly. The performance of machine learning algorithms is improved by combining all fine-tuned factors, outperforming existing research works. The result shows that tuning factors enhance the efficiency of machine learning algorithms. For Dataset-1, Random Forest (RF) and Gradient Boosting (XGB) achieve accuracy rates of 97.44% and 97.47%, respectively. Gradient Boosting (GB) and Extreme Gradient Boosting (XGB) achieve accuracy values of 98.27% and 98.21%, respectively, for Dataset-2.

engineering, electrical & electronic,computer science, information systems,physics, applied

Maraz Mia,Darius Derakhshan,Mir Mehedi A. Pritom

2024-11-15

Abstract:Phishing has been a prevalent cyber threat that manipulates users into revealing sensitive private information through deceptive tactics, designed to masquerade as trustworthy entities. Over the years, proactively detection of phishing URLs (or websites) has been established as an widely-accepted defense approach. In literature, we often find supervised Machine Learning (ML) models with highly competitive performance for detecting phishing websites based on the extracted features from both phishing and benign (i.e., legitimate) websites. However, it is still unclear if these features or indicators are dependent on a particular dataset or they are generalized for overall phishing detection. In this paper, we delve deeper into this issue by analyzing two publicly available phishing URL datasets, where each dataset has its own set of unique and overlapping features related to URL string and website contents. We want to investigate if overlapping features are similar in nature across datasets and how does the model perform when trained on one dataset and tested on the other. We conduct practical experiments and leverage explainable AI (XAI) methods such as SHAP plots to provide insights into different features' contributions in case of phishing detection to answer our primary question, ``Can features for phishing URL detection be trusted across diverse dataset?''. Our case study experiment results show that features for phishing URL detection can often be dataset-dependent and thus may not be trusted across different datasets even though they share same set of feature behaviors.

Cryptography and Security,Machine Learning

Abdullah Fajar,Setiadi Yazid,Indra Budi

2024-12-03

Abstract:Background: Explainability in phishing detection model can support a further solution of phishing attack mitigation by increasing trust and understanding how phishing can be detected. Objective: The aims of this study to determine and best recommendation to apply an approach which has several components with abilities to fulfil the critical needs Methods: A methodology starting with analyzing both black-box and white-box models to get the pros and cons specifically in phishing detection. The conclusion of the analysis will be validated by experiment using a set of well-known algorithms and public phishing datasets. Experimental metrics covers 3 measurements such as predictive accuracy and explainability metrics. Conclusion: Both models are comparable in terms of interpretability and consistency, with room for improvement in diverse datasets. EBM as an example of white-box model is generally better suited for applications requiring explainability and actionable insights. Finally, each model, white-box and black-box model has positive and negative aspects both for performance metric and for explainable metric. It is important to consider the objective of model usage.

Cryptography and Security,Artificial Intelligence

Etuari Oram,Pandit Byomakesha Dash,Bighnaraj Naik,Janmenjoy Nayak,S. Vimal,Sathees Kumar Nataraj

DOI: https://doi.org/10.1016/j.patrec.2021.09.018

IF: 4.757

2021-12-01

Pattern Recognition Letters

Abstract:With the advent of the 20th century, the popularity of digital service usages is increasing every day. The internet has always been a popular communication method, and phishing Webpages have been a challenging issue for more than two decades. Especially, E-commerce and other global companies face enormous challenges due to phishing of websites. Many developed countries have reported substantial economic loss due to unwanted phishing activities. With the exponential increase of digital communications, these phishing activities are going to be increased. There is a need foran effective intrinsic phishing detection technique. Phishing websites have some unique features by which they can be identified. In this research,a Light gradient boosting machine-based phishing email detection model using phisher websites' features of mimic URLs has been proposed. The primary objective is to develop a highly secured and accurate model for successful identification of security breach through websites phishing. With the performance comparison of other ensemble as well as state-of-the-art machine learning models, the proposed model resulted high performance accuracy and proved to a robust approach for phishing activity.

computer science, artificial intelligence

Ali Aljofey,Qingshan Jiang,Abdur Rasool,Hui Chen,Wenyin Liu,Qiang Qu,Yang Wang

DOI: https://doi.org/10.1038/s41598-022-10841-5

IF: 4.6

2022-05-26

Scientific Reports

Abstract:Today's growing phishing websites pose significant threats due to their extremely undetectable risk. They anticipate internet users to mistake them as genuine ones in order to reveal user information and privacy, such as login ids, pass-words, credit card numbers, etc. without notice. This paper proposes a new approach to solve the anti-phishing problem. The new features of this approach can be represented by URL character sequence without phishing prior knowledge, various hyperlink information, and textual content of the webpage, which are combined and fed to train the XGBoost classifier. One of the major contributions of this paper is the selection of different new features, which are capable enough to detect 0-h attacks, and these features do not depend on any third-party services. In particular, we extract character level Term Frequency-Inverse Document Frequency (TF-IDF) features from noisy parts of HTML and plaintext of the given webpage. Moreover, our proposed hyperlink features determine the relationship between the content and the URL of a webpage. Due to the absence of publicly available large phishing data sets, we needed to create our own data set with 60,252 webpages to validate the proposed solution. This data contains 32,972 benign webpages and 27,280 phishing webpages. For evaluations, the performance of each category of the proposed feature set is evaluated, and various classification algorithms are employed. From the empirical results, it was observed that the proposed individual features are valuable for phishing detection. However, the integration of all the features improves the detection of phishing sites with significant accuracy. The proposed approach achieved an accuracy of 96.76% with only 1.39% false-positive rate on our dataset, and an accuracy of 98.48% with 2.09% false-positive rate on benchmark dataset, which outperforms the existing baseline approaches.

multidisciplinary sciences

Noura Fahad Almujahid,Mohd Anul Haq,Mohammed Alshehri

DOI: https://doi.org/10.7717/peerj-cs.2131

2024-06-24

PeerJ Computer Science

Abstract:The advent of Internet technologies has resulted in the proliferation of electronic trading and the use of the Internet for electronic transactions, leading to a rise in unauthorized access to sensitive user information and the depletion of resources for enterprises. As a consequence, there has been a marked increase in phishing, which is now considered one of the most common types of online theft. Phishing attacks are typically directed towards obtaining confidential information, such as login credentials for online banking platforms and sensitive systems. The primary objective of such attacks is to acquire specific personal information to either use for financial gain or commit identity theft. Recent studies have been conducted to combat phishing attacks by examining domain characteristics such as website addresses, content on websites, and combinations of both approaches for the website and its source code. However, businesses require more effective anti-phishing technologies to identify phishing URLs and safeguard their users. The present research aims to evaluate the effectiveness of eight machine learning (ML) and deep learning (DL) algorithms, including support vector machine (SVM), k-nearest neighbors (KNN), random forest (RF), Decision Tree (DT), Extreme Gradient Boosting (XGBoost), logistic regression (LR), convolutional neural network (CNN), and DL model and assess their performances in identifying phishing. This study utilizes two real datasets, Mendeley and UCI, employing performance metrics such as accuracy, precision, recall, false positive rate (FPR), and F-1 score. Notably, CNN exhibits superior accuracy, emphasizing its efficacy. Contributions include using purpose-specific datasets, meticulous feature engineering, introducing SMOTE for class imbalance, incorporating the novel CNN model, and rigorous hyperparameter tuning. The study demonstrates consistent model performance across both datasets, highlighting stability and reliability.

computer science, information systems, artificial intelligence, theory & methods

Md Sultanul Islam Ovi,Md. Hasibur Rahman,Mohammad Arif Hossain

2024-09-30

Abstract:Phishing attacks are a growing cybersecurity threat, leveraging deceptive techniques to steal sensitive information through malicious websites. To combat these attacks, this paper introduces PhishGuard, an optimal custom ensemble model designed to improve phishing site detection. The model combines multiple machine learning classifiers, including Random Forest, Gradient Boosting, CatBoost, and XGBoost, to enhance detection accuracy. Through advanced feature selection methods such as SelectKBest and RFECV, and optimizations like hyperparameter tuning and data balancing, the model was trained and evaluated on four publicly available datasets. PhishGuard outperformed state-of-the-art models, achieving a detection accuracy of 99.05% on one of the datasets, with similarly high results across other datasets. This research demonstrates that optimization methods in conjunction with ensemble learning greatly improve phishing detection performance.

Cryptography and Security

May Almousa,Tianyang Zhang,Abdolhossein Sarrafzadeh,Mohd Anwar

DOI: https://doi.org/10.1002/spy2.256

2022-08-16

Security and Privacy

Abstract:Phishing websites are fraudulent websites that appear legitimate and trick unsuspecting users into interacting with them, stealing their valuable information. Because phishing attacks are a leading cause of data breach, different anti‐phishing solutions have been explored for cybersecurity management including machine learning‐based technical approaches. However, there is a gap in understanding how robust deep learning‐based models together with hyperparameter optimization are for phishing website detection. In this vein, this study pursues the tasks of developing parsimonious deep learning models and hyperparameter optimization to achieve high accuracy and reproducible results for phishing website detection. This paper demonstrates a systematic process of building detection models based on three deep learning algorithm architectures (Long Short‐Term Memory‐based detection models, Fully Connected Deep Neural Network‐based detection models, and convolutional neural network‐based detection models) that are built and evaluated using four publicly available phishing website datasets, achieving the best accuracy of 97.37%. We also compared two different optimization algorithms for hyperparameter optimization: Grid Search and Genetic Algorithm, which contributed to 0.1%–1% increase in accuracy.

English Else

Yun Lin,Ruofan Liu,Dinil Mon Divakaran,Jun Yang Ng,Qing Zhou Chan,Yiwen Lu,Yuxuan Si,Fan Zhang,Jin Song Dong

2021-01-01

Abstract:Recent years have seen the development of phishing detection and identification approaches to defend against phishing attacks. Phishing detection solutions often report binary results, i.e., phishing or not, without any explanation. In contrast, phishing identification approaches identify phishing webpages by visually comparing webpages with predefined legitimate references and report phishing along with its target brand, thereby having explainable results. However, there are technical challenges in visual analyses that limit existing solutions from being effective (with high accuracy) and efficient (with low runtime overhead), to be put to practical use. In this work, we design a hybrid deep learning system, Phishpedia, to address two prominent technical challenges in phishing identification, i.e., (i) accurate recognition of identity logos on webpage screenshots, and (ii) matching logo variants of the same brand. Phishpedia achieves both high accuracy and low runtime overhead. And very importantly, different from common approaches, Phishpedia does not require training on any phishing samples. We carry out extensive experiments using real phishing data; the results demonstrate that Phishpedia significantly outperforms baseline identification approaches (EMD, PhishZoo, and LogoSENSE) in accurately and efficiently identifying phishing pages. We also deployed Phishpedia with CertStream service and discovered 1,704 new real phishing websites within 30 days, significantly more than other solutions; moreover, 1,133 of them are not reported by any engines in VirusTotal.

Yazan Ahmad Alsariera,Victor Elijah Adeyemo,Abdullateef Oluwagbemiga Balogun,Ammar Kareem Alazzawi

DOI: https://doi.org/10.1109/access.2020.3013699

IF: 3.9

2020-01-01

IEEE Access

Abstract:Phishing is a type of social web-engineering attack in cyberspace where criminals steal valuable data or information from insensitive or uninformed users of the internet. Existing countermeasures in the form of anti-phishing software and computational methods for detecting phishing activities have proven to be effective. However, new methods are deployed by hackers to thwart these countermeasures. Due to the evolving nature of phishing attacks, the need for novel and efficient countermeasures becomes crucial as the effect of phishing attacks are often fatal and disastrous. Artificial Intelligence (AI) schemes have been the cornerstone of modern countermeasures used for mitigating phishing attacks. AI-based phishing countermeasures or methods possess their shortcomings particularly the high false alarm rate and the inability to interpret how most phishing methods perform their function. This study proposed four (4) meta-learner models (AdaBoost-Extra Tree (ABET), Bagging – Extra tree (BET), Rotation Forest – Extra Tree (RoFBET) and LogitBoost-Extra Tree (LBET)) developed using the extra-tree base classifier. The proposed AI-based meta-learners were fitted on phishing website datasets (currently with the newest features) and their performances were evaluated. The models achieved a detection accuracy not lower than 97% with a drastically low false-positive rate of not more 0.028. In addition, the proposed models outperform existing ML-based models in phishing attack detection. Hence, we recommend the adoption of meta-learners when building phishing attack detection models.

computer science, information systems,telecommunications,engineering, electrical & electronic

Zhengyang Fan,Wanru Li,Kathryn Blackmond Laskey,Kuo-Chu Chang

DOI: https://doi.org/10.3390/fi16010031

2024-01-18

Future Internet

Abstract:Phishing attacks represent a significant and growing threat in the digital world, affecting individuals and organizations globally. Understanding the various factors that influence susceptibility to phishing is essential for developing more effective strategies to combat this pervasive cybersecurity challenge. Machine learning has become a prevalent method in the study of phishing susceptibility. Most studies in this area have taken one of two approaches: either they explore statistical associations between various factors and susceptibility, or they use complex models such as deep neural networks to predict phishing behavior. However, these approaches have limitations in terms of providing practical insights for individuals to avoid future phishing attacks and delivering personalized explanations regarding their susceptibility to phishing. In this paper, we propose a machine-learning approach that leverages explainable artificial intelligence techniques to examine the influence of human and demographic factors on susceptibility to phishing attacks. The machine learning model yielded an accuracy of 78%, with a recall of 71%, and a precision of 57%. Our analysis reveals that psychological factors such as impulsivity and conscientiousness, as well as appropriate online security habits, significantly affect an individual's susceptibility to phishing attacks. Furthermore, our individualized case-by-case approach offers personalized recommendations on mitigating the risk of falling prey to phishing exploits, considering the specific circumstances of each individual.

Naveen Palanichamy,Yoga Shri Murti

DOI: https://doi.org/10.18080/jtde.v11n3.778

2023-09-30

Journal of Telecommunications and the Digital Economy

Abstract:Phishing emails pose a severe risk to online users, necessitating effective identification methods to safeguard digital communication. Detection techniques are continuously researched to address the evolution of phishing strategies. Machine learning (ML) is a powerful tool for automated phishing email detection, but existing techniques like support vector machines and Naive Bayes have proven slow or ineffective in handling spam filtering. This study attempts to provide a phishing email detector and reliable classifier using a hybrid machine classifier with term frequency-inverse document frequency (TF-IDF) and an effective feature extraction technique (FET) on a real-world dataset from Kaggle. Exploratory data analysis is conducted to enhance understanding of the dataset and identify any conspicuous errors and outliers to facilitate the detection process. The FET converts the data text into a numerical representation that can be used for ML algorithms. The model’s performance is evaluated using accuracy, precision, recall, F1 score, receiver operating characteristic (ROC) curve and area under the ROC curve metrics. The research findings indicate that the hybrid model utilising TF-IDF achieved superior performance, with an accuracy of 87.5%. The paper offers valuable knowledge on using ML to identify phishing emails and highlights the importance of combining various models.

Seok-Jun Bu,Hae-Jung Kim

DOI: https://doi.org/10.3390/electronics11071090

IF: 2.9

2022-03-30

Electronics

Abstract:Deep learning models for phishing URL classification based on character- and word-level URL features achieve the best performance in terms of accuracy. Various improvements have been proposed through deep learning parameters, including the structure and learning strategy. However, the existing deep learning approach shows a degradation in recall according to the nature of a phishing attack that is immediately discarded after being reported. An additional optimization process that can minimize the false negatives by selecting the core features of phishing URLs is a promising avenue of improvement. To search the optimal URL feature set and to fully exploit it, we propose a combined searching and learning strategy that effectively models the URL classifier for recall. By incorporating the deep-learning-based URL classifier with the genetic algorithm to search the optimal feature set that minimizing the false negatives, an optimized classifier that guarantees the best performance was obtained. Extensive experiments on three real-world datasets consisting of 222,541 URLs showed the highest recall among the deep learning models. We demonstrated the superiority of the method by 10-fold cross-validation and confirmed that the recall improved compared to the latest deep learning method. In particular, the accuracy and recall were improved by 4.13%p and 7.07%p, respectively, compared to the convolutional–recurrent neural network in which the feature selection optimization was omitted.

engineering, electrical & electronic,computer science, information systems,physics, applied

Aditya Kulkarni,Vivek Balachandran,Dinil Mon Divakaran,Tamal Das

2024-01-16

Abstract:The widespread accessibility of the Internet has led to a surge in online fraudulent activities, underscoring the necessity of shielding users' sensitive information from cybercriminals. Phishing, a well-known cyberattack, revolves around the creation of phishing webpages and the dissemination of corresponding URLs, aiming to deceive users into sharing their sensitive information, often for identity theft or financial gain. Various techniques are available for preemptively categorizing zero-day phishing URLs by distilling unique attributes and constructing predictive models. However, these existing techniques encounter unresolved issues. This proposal delves into persistent challenges within phishing detection solutions, particularly concentrated on the preliminary phase of assembling comprehensive datasets, and proposes a potential solution in the form of a tool engineered to alleviate bias in ML models. Such a tool can generate phishing webpages for any given set of legitimate URLs, infusing randomly selected content and visual-based phishing features. Furthermore, we contend that the tool holds the potential to assess the efficacy of existing phishing detection solutions, especially those trained on confined datasets.

Cryptography and Security

Pubudu L. Indrasiri,Malka N. Halgamuge,Azeem Mohammad

DOI: https://doi.org/10.1109/access.2021.3124628

IF: 3.9

2021-01-01

IEEE Access

Abstract:As cyber-attacks grow fast and complicated, the cybersecurity industry faces challenges to utilize state-of-the-art technology and strategies to battle the consistently present malicious threats. Phishing is a sort of social engineering attack produced technically and classified as identity theft and complicated attack vectors to steal information of internet users. In this perspective, our main objective of this study is to propose a unique, robust ensemble machine learning model architecture that provides the highest prediction accuracy with a low error rate while proposing few other robust machine learning models. Both supervised and unsupervised techniques were used for the detection process. For our experiments, seven classification algorithms, one clustering algorithm, two ensemble techniques, and two large standard legitimate datasets with 73,575 URLs and 100,000 URLs were used. Two test modes (percentage split, K-Fold cross-validation) were utilized for conducting experiments and final predictions. Mechanisms were developed to (I) identify the best $N$ , which is the optimal heuristic-based threshold value for splitting words into subwords for each classifier, (II) tune hyperparameters for each classifier to specify the best parameter combination, (III) select prominent features using various feature selection techniques, (IV) propose a robust ensemble model (classifier) called the Expandable Random Gradient Stacked Voting Classifier (ERG-SVC) utilizing a voting classifier along with a model architecture, (V) analyze possible clusters of the dataset using k-means clustering, (VI) thoroughly analyze the gradient boost classifier (GB) with respect to utilizing the “criterion” parameter with the Mean Absolute Error (MAE), Mean Squared Error (MSE), and Friendman_MSE, and(VII) propose a lightweight preprocessor to reduce computational cost and preprocessing time. Initial experiments were carried out with 46 features; the number of features was reduced to 22 after the experiments. The results show that the GB classifier outperformed with the least number of NLP based features by achieving a 98.118% prediction accuracy. Furthermore, our stacking ensemble model and proposed voting ensemble model (ERG-SVC) outperformed other tested approaches and yielded reliable prediction accuracy results in detecting malicious URLs at rates of 98.23% and 98.27%, respectively.

computer science, information systems,telecommunications,engineering, electrical & electronic

Sagnik Anupam,Arpan Kumar Kar

DOI: https://doi.org/10.1007/s11235-020-00739-w

2020-11-19

Telecommunication Systems

Abstract:Phishing websites are amongst the biggest threats Internet users face today, and existing methods like blacklisting, using SSL certificates, etc. often fail to keep up with the increasing number of threats. This paper aims to utilise different properties of a website URL, and use a machine learning model to classify websites as phishing and non-phishing. These properties include the IP address length, the authenticity of the HTTPs request being sent by the website, usage of pop-up windows to enter data, Server Form Handler status, etc. A Support Vector Machine binary classifier trained on an existing dataset has been used to predict if a website was a legitimate website or not, by finding an optimum hyperplane to separate the two categories. This optimum hyperplane is found with the help of four optimization algorithms, the Bat Algorithm, the Firefly Algorithm, the Grey Wolf Optimiser algorithm and the Whale Optimization Algorithm, which are inspired by various natural phenomena. Amongst the four nature-inspired optimization algorithms, it has been determined that the Grey Wolf Optimiser algorithm's performance is significantly better than that of the Firefly Algorithm, but there is no significant difference while comparing the performance of any other pair of algorithms. However, all four nature-inspired optimization algorithms perform significantly better than the grid-search optimized Random Forest classifier model described in earlier research.

telecommunications

Abdulla Al-Subaiey,Mohammed Al-Thani,Naser Abdullah Alam,Kaniz Fatema Antora,Amith Khandakar,SM Ashfaq Uz Zaman

2024-05-20

Abstract:Phishing emails continue to pose a significant threat, causing financial losses and security breaches. This study addresses limitations in existing research, such as reliance on proprietary datasets and lack of real-world application, by proposing a high-performance machine learning model for email classification. Utilizing a comprehensive and largest available public dataset, the model achieves a f1 score of 0.99 and is designed for deployment within relevant applications. Additionally, Explainable AI (XAI) is integrated to enhance user trust. This research offers a practical and highly accurate solution, contributing to the fight against phishing by empowering users with a real-time web-based application for phishing email detection.

Machine Learning,Artificial Intelligence

Md Robiul Islam,Md Mahamodul Islam,Mst. Suraiya Afrin,Anika Antara,Nujhat Tabassum,Al Amin

2024-04-28

Abstract:Cybersecurity is one of the global issues because of the extensive dependence on cyber systems of individuals, industries, and organizations. Among the cyber attacks, phishing is increasing tremendously and affecting the global economy. Therefore, this phenomenon highlights the vital need for enhancing user awareness and robust support at both individual and organizational levels. Phishing URL identification is the best way to address the problem. Various machine learning and deep learning methods have been proposed to automate the detection of phishing URLs. However, these approaches often need more convincing accuracy and rely on datasets consisting of limited samples. Furthermore, these black box intelligent models decision to detect suspicious URLs needs proper explanation to understand the features affecting the output. To address the issues, we propose a 1D Convolutional Neural Network (CNN) and trained the model with extensive features and a substantial amount of data. The proposed model outperforms existing works by attaining an accuracy of 99.85%. Additionally, our explainability analysis highlights certain features that significantly contribute to identifying the phishing URL.

Cryptography and Security,Machine Learning