Machine learning based phishing detection from URLs. (1st March 2019)
- Record Type:
- Journal Article
- Title:
- Machine learning based phishing detection from URLs. (1st March 2019)
- Main Title:
- Machine learning based phishing detection from URLs
- Authors:
- Sahingoz, Ozgur Koray
Buber, Ebubekir
Demir, Onder
Diri, Banu - Abstract:
- Highlights: Use of 7 different classification algorithms and NLP based features. A Big URL Data Set is produced and shared (36, 400 legitimate and 37, 175 phishing). Real-time and language-independent classification algorithms. Feature-rich classifiers with Word Vectors, NLP-based and Hybrid features. The proposed approach reaches 97.98% accuracy rate. Abstract: Due to the rapid growth of the Internet, users change their preference from traditional shopping to the electronic commerce. Instead of bank/shop robbery, nowadays, criminals try to find their victims in the cyberspace with some specific tricks. By using the anonymous structure of the Internet, attackers set out new techniques, such as phishing, to deceive victims with the use of false websites to collect their sensitive information such as account IDs, usernames, passwords, etc. Understanding whether a web page is legitimate or phishing is a very challenging problem, due to its semantics-based attack structure, which mainly exploits the computer users' vulnerabilities. Although software companies launch new anti-phishing products, which use blacklists, heuristics, visual and machine learning-based approaches, these products cannot prevent all of the phishing attacks. In this paper, a real-time anti-phishing system, which uses seven different classification algorithms and natural language processing (NLP) based features, is proposed. The system has the following distinguishing properties from other studies in theHighlights: Use of 7 different classification algorithms and NLP based features. A Big URL Data Set is produced and shared (36, 400 legitimate and 37, 175 phishing). Real-time and language-independent classification algorithms. Feature-rich classifiers with Word Vectors, NLP-based and Hybrid features. The proposed approach reaches 97.98% accuracy rate. Abstract: Due to the rapid growth of the Internet, users change their preference from traditional shopping to the electronic commerce. Instead of bank/shop robbery, nowadays, criminals try to find their victims in the cyberspace with some specific tricks. By using the anonymous structure of the Internet, attackers set out new techniques, such as phishing, to deceive victims with the use of false websites to collect their sensitive information such as account IDs, usernames, passwords, etc. Understanding whether a web page is legitimate or phishing is a very challenging problem, due to its semantics-based attack structure, which mainly exploits the computer users' vulnerabilities. Although software companies launch new anti-phishing products, which use blacklists, heuristics, visual and machine learning-based approaches, these products cannot prevent all of the phishing attacks. In this paper, a real-time anti-phishing system, which uses seven different classification algorithms and natural language processing (NLP) based features, is proposed. The system has the following distinguishing properties from other studies in the literature: language independence, use of a huge size of phishing and legitimate data, real-time execution, detection of new websites, independence from third-party services and use of feature-rich classifiers. For measuring the performance of the system, a new dataset is constructed, and the experimental results are tested on it. According to the experimental and comparative results from the implemented classification algorithms, Random Forest algorithm with only NLP based features gives the best performance with the 97.98% accuracy rate for detection of phishing URLs. … (more)
- Is Part Of:
- Expert systems with applications. Volume 117(2019)
- Journal:
- Expert systems with applications
- Issue:
- Volume 117(2019)
- Issue Display:
- Volume 117, Issue 2019 (2019)
- Year:
- 2019
- Volume:
- 117
- Issue:
- 2019
- Issue Sort Value:
- 2019-0117-2019-0000
- Page Start:
- 345
- Page End:
- 357
- Publication Date:
- 2019-03-01
- Subjects:
- Cyber security -- Phishing attack -- Machine learning -- Classification algorithms -- Cyber attack detection
Expert systems (Computer science) -- Periodicals
Systèmes experts (Informatique) -- Périodiques
Electronic journals
006.33 - Journal URLs:
- http://www.sciencedirect.com/science/journal/09574174 ↗
http://www.elsevier.com/journals ↗ - DOI:
- 10.1016/j.eswa.2018.09.029 ↗
- Languages:
- English
- ISSNs:
- 0957-4174
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 3842.004220
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 8360.xml