RishiKesh Dube1.*, Twinkle Sharma2, Damodar Tiwari3,*, Kailash Patidar3,*
1Research Scholar, Dept. of CSE, Bansal Institute of Science and Technology, Bhopal, India
2Assistant Professor, Dept. of CSE, Bansal Institute of Science and Technology, Bhopal, India
3Professor, Dept. of CSE, Bansal Institute of Science and Technology, Bhopal, India
Emails: rishikeshdubey6@gmail.com; twinklesharma1311@gmail.com; damodar@bistbpl.in; Kailashpatidar123@gmail.com
Abstract
Phishing attacks have emerged as a significant cybersecurity challenge, targeting individuals and organizations by tricking users into revealing sensitive information through deceptive websites. Traditional phishing detection methods, such as blacklists and heuristic-based approaches, struggle to keep pace with the rapid evolution of phishing techniques. Machine learning-based predictive models offer a promising solution by analyzing website attributes, URL structures, and behavioral patterns to distinguish between legitimate and phishing websites. This paper provides a comprehensive review of various machine learning techniques, including decision trees, support vector machines (SVM), random forests, deep learning models, and ensemble methods, employed in phishing website detection. It explores feature selection strategies, dataset characteristics, performance evaluation metrics, and real-world implementation challenges. Furthermore, the study discusses recent advancements such as adversarial resilience, natural language processing (NLP) integration, and real-time phishing detection frameworks. The review highlights existing research gaps and future directions to enhance phishing detection accuracy, scalability, and adaptability in evolving cybersecurity landscapes.
Keywords: Phishing Websites; Machine Learning; Accuracy; NLP