Volume 12 , Issue 2 , PP: 159-171, 2023 | Cite this article as | XML | Html | PDF | Full Length Article
Aldo Tenis 1 * , Santhosh R. 2
Doi: https://doi.org/10.54216/FPA.120213
Phishing links are spread via text messages, social media platforms, and email by phishing attackers. Social engineering skills are used to visit phishing websites to trick the users and enter critical information related to personal data. The confidential data is stolen to defraud legitimate financial institutions or general websites for illegally attaining the benefits. Many machine learning-based solutions are in the enhancements and the technology of machine learning applications to detect the suggested phishing. The rules are used for a solution which depends on the extracted features, and few features require to lies on the services of third-party that, creating time-consuming and instability in the service of prediction. A deep learning-based framework is suggested to detect website of phishing. A framework is established to determine if there is a risk of phishing in real-time during the web page is visited by the user to give a message of warming by the browser plug-in. The prediction service in real-time merges the various techniques for enhancing the accuracy to lower the fake alarm rates and the time of computation which has the filtering whitelist, interception of the blacklist, and prediction of deep learning (DL). Various models of deep learning are compared using the different datasets in the module of machine learning prediction. The greatest accuracy is obtained as 99.18% by the adaptive Recurrent Neural Networks (a−RNN) model from the results of experiments to demonstrate the suggested feasibility solution.
Phishing , legitimate , deep learning , prediction , false alarm rate
[1] De’, N. Pandey, and A. Pal, ‘‘Impact of digital surge during COVID19 pandemic: A viewpoint on research and practice,’’ Int. J. Inf. Manage., vol. 55, Dec. 2020, Art. no. 102171.
[2] J. A. Chaudhry, S. A. Chaudhry, and R. G. Rittenhouse, ‘‘Phishing attacks and defences,’’ Int. J. Secur. Appl., vol. 10, no. 1, pp. 247–256, 2016.
[3] A. Alzahrani, ‘‘Coronavirus social engineering attacks: Issues and recommendations,’’ Int. J. Adv. Comput. Sci. Appl., vol. 11, no. 5, pp. 154–161, 2020.
[4] S. Bell and P. Komisarczuk, ‘‘An analysis of phishing blacklists: Google safe browsing, OpenPhish, and PhishTank,’’ in Proc. Australas. Comput. Sci. Week Multiconf., Feb. 2020, pp. 1–11
[5] Halgas, I. Agrafiotis, and J. R. C. Nurse, ‘‘Catching the phish: Detecting phishing attacks using recurrent neural networks (RNNs),’’ in Information Security Applications (Lecture Notes in Computer Science), vol. 11897. Cham, Switzerland: Springer, 2020, pp. 219–233
[6] Dou, I. Khalil, A. Khreishah, A. Al-Fuqaha, and M. Guizani, ‘‘Systematization of knowledge (SoK): A systematic review of software-based web phishing detection,'' IEEE Commun. Surveys Tuts., vol. 19, no. 4, pp. 2797–2819, 4th Quart., 2017.
[7] Cao, W. Han, and Y. Le, ''Anti-phishing based on an automated individual whitelist,'' in Proc. 4th ACM Workshop Digit. Identity Manage. (DIM), 2008, pp. 51–59.
[8] Jain and B. B. Gupta, ''A novel approach to protect against phishing attacks at client side using an auto-updated whitelist,'' EURASIP J. Inf. Secur., vol. 2016, no. 1, pp. 1–11, Dec. 2016.
[9] Jain and B. B. Gupta, ‘‘PHISH-SAFE: URL features-based phishing detection system using machine learning,’’ in Advances in Intelligent Systems and Computing, vol. 729. Singapore: Springer, 2018, pp. 467–474.
[10] Rao and A. R. Pais, ‘‘Detection of phishing websites using an efficient feature-based machine learning framework,’’ Neural Comput. Appl., vol. 31, no. 8, pp. 3851–3873, Aug. 2019.
[11] Li, Z. Yang, X. Chen, H. Yuan, and W. Liu, ‘‘A stacking model using URL and HTML features for phishing webpage detection,’’ Future Gener. Comput. Syst., vol. 94, pp. 27–39, May 2019.
[12] Xiang, J. Hong, C. P. Rose, and L. Cranor, ‘‘CANTINA+: A feature-rich machine learning framework for detecting phishing websites,'' ACM Trans. Inf. Syst. Secur., vol. 14, no. 2, pp. 1–28, Sep. 2011.
[13] Yang, J. Zhang, X. Wang, Z. Li, Z. Li, and Y. He, ‘‘An improved ELMbased and data pre-processing integrated approach for phishing detection considering comprehensive features,’’ Expert Syst. Appl., vol. 165, Mar. 2021, Art. no. 113863
[14] Mikolov, I. Sutskever, K. Chen, G. S. Corrado, and J. Dean, ‘‘Distributed representations of words and phrases and their compositionality,’’ in Proc. Adv. Neural Inf. Process. Syst., vol. 26, no. 4, Dec. 2013, pp. 3111–3119.
[15] Al-Alyan and S. Al-Ahmadi, ‘‘Robust URL phishing detection based on deep learning,'' KSII Trans. Internet Inf. Syst., vol. 14, no. 7, pp. 2752–2768, 2020.
[16] Chiew, C. L. Tan, K. Wong, K. S. C. Yong, and W. K. Tiong, ‘‘A new hybrid ensemble feature selection framework for machine learning-based phishing detection system,’’ Inf. Sci., vol. 484, pp. 153–166, May 2019.
[17] Chen and C. Guestrin, ‘‘XGBoost: A scalable tree boosting system,’’ in Proc. ACM SIGKDD Int. Conf. Knowl. Discov. Data Min., vols. 13–17, 2016, pp. 785–794.
[18] Do, A. Selamat, O. Krejcar, T. Yokoi, and H. Fujita, ‘‘Phishing webpage classification via deep learning-based algorithms: An empirical study,’’ Appl. Sci., vol. 11, no. 19, p. 9210, Oct. 2021
[19] Chen, W. Zhang, and Y. Su, ‘‘Phishing detection research based on LSTM recurrent neural network,’’ Data Sci., vol. 6, pp. 638–645, Sep. 2018
[20] Chen, W. Zhang, and Y. Su, ‘‘Phishing detection research based on LSTM recurrent neural network,’’ Data Sci., vol. 6, pp. 638–645, Sep. 2018
[21] Sherubha, “Graph Based Event Measurement for Analyzing Distributed Anomalies in Sensor Networks”, Sådhanå(Springer), 45:212, https://doi.org/10.1007/s12046-020-01451-w
[22] Sherubha, “An Efficient Network Threat Detection and Classification Method using ANP-MVPS Algorithm in Wireless Sensor Networks”, International Journal of Innovative Technology and Exploring Engineering (IJITEE), ISSN: 2278-3075, Volume-8 Issue-11, September 2019
[23] Sherubha, “An Efficient Intrusion Detection and Authentication Mechanism for Detecting Clone Attack in Wireless Sensor Networks”, Journal of Advanced Research in Dynamical and Control Systems (JARDCS), Volume 11, issue 5, Pg No. 55-68
[24] Paul and S. Das, ‘‘Simultaneous feature selection and weighting— An evolutionary multi-objective optimization approach,’’ Pattern Recognit. Lett., vol. 65, pp. 51–59, Nov. 2015.
[25] Xue, M. Zhang, and W. N. Browne, ''Particle swarm optimization for feature selection in classification: Novel initialization and updating mechanisms,'' Appl. Soft Comput., vol. 18, pp. 261–276, May 2014.
[26] Huang, S. Hao, L. Invernizzi, Y. Fang, C. Kruegel, and G. Vigna, ‘‘Gossip: Automatically identifying malicious domains from mailing list discussions,’’ in Proc. ACM Asia Conf. Comput. Commun. Secur. (ASIA CCS), Abu Dhabi, United Arab Emirates, Apr. 2017, pp. 494–505
[27] Saxe, R. Harang, C. Wild, and H. Sanders, ‘‘A deep learning approach to fast, format-agnostic detection of malicious Web content,’’ in Proc. IEEE Symp. Secur. Privacy Workshops (SPW), San Francisco, CA, USA, Aug. 2018, pp. 8–14.
[28] Wu, X. Du, and J. Wu, ‘‘Effective defence schemes for phishing attacks on mobile computing platforms,’’ IEEE Trans. Veh. Technol., vol. 65, no. 8, pp. 6678–6691, Aug. 2016.
[29] Gowtham and I. Krishnamurthi, ‘‘A comprehensive and efficacious architecture for detecting phishing webpages,’’ Comput. Secur., vol. 40, pp. 23–37, 2014.
[30] Sheng, B. Wardman, G. Warner, L. F. Cranor, J. Hong, and C. Zhang, ‘‘An empirical analysis of phishing blacklists,’’ in Proc. 6th Conf. Email Anti-Spam (CEAS), Mountain View, CA, USA, Jul. 2009, pp. 1–20.
[31] Han, N. Kheir, and D. Balzarotti, ‘‘PhishEye: Live monitoring of sandboxed phishing kits,’’ in Proc. 23rd ACM Conf. Comput. Commun. Secur. (CCS), Vienna, Austria, Oct. 2016, pp. 1402–1413
[32] Rao and S. T. Ali, ‘‘PhishShield: A desktop application to detect phishing Webpages through heuristic approach,’’ Procedia Comput. Sci., vol. 54, pp. 147–156, Aug. 2015.
[33] Jain and B. B. Gupta, ''A novel approach to protect against phishing attacks at client side using an auto-updated whitelist,'' EURASIP J. Inf. Secur., vol. 2016, no. 1, Dec. 2016, Art. no. 9.
[34] Kausar, B. Al-Otaibi, A. Al-Qadi, and N. Al-Dossari, ''Hybrid client-side phishing websites detection approach,'' Int. J. Adv. Comput. Sci. Appl., vol. 5, no. 7, pp. 132–140, 2014.
[35] Varshney, M. Misra, and P. K. Atrey, ‘‘A phish detector using lightweight search features,’’ Comput. Secur., vol. 62, pp. 213–228, Sep. 2016.
[36] S. Hemamalini ,V. D. Ambeth Kumar ,R. Venkatesan,S. Malathi. (2023). Relevance Mapping based CNN model with OSR-FCA Technique for Multi-label DR Classification. Journal of Fusion: Practice and Applications, 11 ( 2 ), 90-110.
[37] C. S. Manigandaa,V. D. Ambeth Kumar,G. Ragunath,R. Venkatesan,N. Senthil Kumar. (2023). De-Noising and Segmentation of Medical Images using Neutrophilic Sets. Journal of Fusion: Practice and Applications, 11 ( 2 ), 111-123
[38] Sathya Preiya, V., and V. D. Ambeth Kumar. 2023. "Deep Learning-Based Classification and Feature Extraction for Predicting Pathogenesis of Foot Ulcers in Patients with Diabetes" Diagnostics 13, no. 12: 1983. https://doi.org/10.3390/diagnostics13121983
[39] Balakrishnan, Chitra, and V. D. Ambeth Kumar. 2023. "IoT-Enabled Classification of Echocardiogram Images for Cardiovascular Disease Risk Prediction with Pre-Trained Recurrent Convolutional Neural Networks" Diagnostics 13, no. 4: 775. https://doi.org/10.3390/diagnostics13040775.
[40] V. D. Ambeth Kumar,S. Malathi,Abhishek Kumar,Prakash M and Kalyana C. Veluvolu, “Active Volume Control in Smart Phones Based on User Activity and Ambient Noise” ,Sensors 2020, 20(15), 4117; https://doi.org/10.3390/s20154117
[41] V. Sathya Preiya,V. D. Ambeth Kumar,R. Vijay,Vijay K.,N. Kirubakaran. "Blockchain-Based E-Voting System with Face Recognition." Fusion: Practice and Applications, Vol. 12, No. 1, 2023 ,PP. 53-63