To see the other types of publications on this topic, follow the link: Phishing attack detection.
Journal articles on the topic 'Phishing attack detection'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 journal articles for your research on the topic 'Phishing attack detection.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.
1
Mohamed, Gori, J. Visumathi, Miroslav Mahdal, Jose Anand, and Muniyandy Elangovan. "An Effective and Secure Mechanism for Phishing Attacks Using a Machine Learning Approach." Processes 10, no. 7 (2022): 1356. http://dx.doi.org/10.3390/pr10071356.
Full textAbstract:
Phishing is one of the biggest crimes in the world and involves the theft of the user’s sensitive data. Usually, phishing websites target individuals’ websites, organizations, sites for cloud storage, and government websites. Most users, while surfing the internet, are unaware of phishing attacks. Many existing phishing approaches have failed in providing a useful way to the issues facing e-mails attacks. Currently, hardware-based phishing approaches are used to face software attacks. Due to the rise in these kinds of problems, the proposed work focused on a three-stage phishing series attack for precisely detecting the problems in a content-based manner as a phishing attack mechanism. There were three input values—uniform resource locators and traffic and web content based on features of a phishing attack and non-attack of phishing website technique features. To implement the proposed phishing attack mechanism, a dataset is collected from recent phishing cases. It was found that real phishing cases give a higher accuracy on both zero-day phishing attacks and in phishing attack detection. Three different classifiers were used to determine classification accuracy in detecting phishing, resulting in a classification accuracy of 95.18%, 85.45%, and 78.89%, for NN, SVM, and RF, respectively. The results suggest that a machine learning approach is best for detecting phishing.
2
Alsariera, Yazan A., Meshari H. Alanazi, Yahia Said, and Firas Allan. "An Investigation of AI-Based Ensemble Methods for the Detection of Phishing Attacks." Engineering, Technology & Applied Science Research 14, no. 3 (2024): 14266–74. http://dx.doi.org/10.48084/etasr.7267.
Full textAbstract:
Phishing attacks remain a significant cybersecurity threat in the digital landscape, leading to the development of defense mechanisms. This paper presents a thorough examination of Artificial Intelligence (AI)-based ensemble methods for detecting phishing attacks, including websites, emails, and SMS. Through the screening of research articles published between 2019 and 2023, 37 relevant studies were identified and analyzed. Key findings highlight the prevalence of ensemble methods such as AdaBoost, Bagging, and Gradient Boosting in phishing attack detection models. Adaboost emerged as the most used method for website phishing detection, while Stacking and Adaboost were prominent choices for email phishing detection. The majority-voting ensemble method was frequently employed in SMS phishing detection models. The performance evaluation of these ensemble methods involves metrics, such as accuracy, ROC-AUC, and F-score, underscoring their effectiveness in mitigating phishing threats. This study also underscores the availability of credible open-access datasets for the progressive development and benchmarking of phishing attack detection models. The findings of this study suggest the development of new and optimized ensemble methods for phishing attack detection.
3
Nur, Sholihah Zaini, Stiawan Deris, Faizal Ab Razak Mohd, et al. "Phishing detection system using machine learning classifiers." Indonesian Journal of Electrical Engineering and Computer Science (IJEECS) 17, no. 3 (2020): 1165–71. https://doi.org/10.11591/ijeecs.v17.i3.pp1165-1171.
Full textAbstract:
The increasing development of the Internet, more and more applications are put into websites can be directly accessed through the network. This development has attracted an attacker with phishing websites to compromise computer systems. Several solutions have been proposed to detect a phishing attack. However, there still room for improvement to tackle this phishing threat. This paper aims to investigate and evaluate the effectiveness of machine learning approach in the classification of phishing attack. This paper applied a heuristic approach with machine learning classifier to identify phishing attacks noted in the web site applications. The study compares with five classifiers to find the best machine learning classifiers in detecting phishing attacks. In identifying the phishing attacks, it demonstrates that random forest is able to achieve high detection accuracy with true positive rate value of 94.79% using website features. The results indicate that random forest is effective classifiers for detecting phishing attacks.
4
Zaini, Nur Sholihah, Deris Stiawan, Mohd Faizal Ab Razak, et al. "Phishing detection system using nachine learning classifiers." Indonesian Journal of Electrical Engineering and Computer Science 17, no. 3 (2020): 1165. http://dx.doi.org/10.11591/ijeecs.v17.i3.pp1165-1171.
Full textAbstract:
<span>The increasing development of the Internet, more and more applications are put into websites can be directly accessed through the network. This development has attracted an attacker with phishing websites to compromise computer systems. Several solutions have been proposed to detect a phishing attack. However, there still room for improvement to tackle this phishing threat. This paper aims to investigate and evaluate the effectiveness of machine learning approach in the classification of phishing attack. This paper applied a heuristic approach with machine learning classifier to identify phishing attacks noted in the web site applications. The study compares with five classifiers to find the best machine learning classifiers in detecting phishing attacks. In identifying the phishing attacks, it demonstrates that random forest is able to achieve high detection accuracy with true positive rate value of 94.79% using website features. The results indicate that random forest is effective classifiers for detecting phishing attacks.</span>
5
R, Nivyashree. "Phishing Website Detection." INTERNATIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT 09, no. 05 (2025): 1–9. https://doi.org/10.55041/ijsrem48594.
Full textAbstract:
Abstract - This literature survey examines software-based phishing detection techniques, a critical area of cybersecurity. With phishing attacks growing rapidly each year, this study explores the phishing ecosystem, current statistics, automatic detection schemes, feature analysis, datasets, algorithms, and evaluation metrics. Emphasis is given to the challenges in feature robustness, handling adaptive attacks, and limitations in large-scale data processing. The survey also identifies research gaps in addressing new attack vectors, offering insights for future directions. Key Words: Phishing, Phishing Detection, Literature Survey, Cybersecurity, Machine Learning.
6
Soma Niloy Ghosh and Jayesh V Jawade. "Comparative analysis on different phishing website detection techniques." International Journal of Frontiers in Engineering and Technology Research 8, no. 2 (2025): 055–62. https://doi.org/10.53294/ijfetr.2025.8.2.0036.
Full textAbstract:
Phishing attack is an attempt to obtain confidential information or data, such as credit and debit card details, username, passwords, etc. by creating a fake website which is very much similar to genuine website. Because of visual similarity of website, users are not able to distinguish between a legitimate and phishing websites. Phishing attack often targets users to enter their personal information at a phishing website. Then that information is directly send to attackers. In today’s world most of the phishing attack takes place with the help of spoofed emails. The attackers first send the email to victim which looks like it’s come from genuine sender. The spoofed email contains the link to such phishing websites. When the victim clicks this link and enters the credentials and information, the information is directly passed on to the attackers. The attackers then misuse this information. Phishing attack is still among the top ten cyber-attacks. Hence, the security experts are looking for a reliable and steady detection mechanism with high accuracy. This paper aims to compare all the phishing website detection techniques.
7
Ifthikhar, Nimra, Ahthasham Sajid, Adeel Zafar, Atta Ur Rahman, Rida Malik, and Hamza Razzaq. "A Comprehensive Study on Phishing Attack Detection and Mitigation via Ransomware-as-a-Service (RAAS)." Nucleus 61, no. 2 (2025): 93–100. https://doi.org/10.71330/nucleus.61.02.1402.
Full textAbstract:
Ransomware-as-a-Service (RAAS), a new cybercriminal actor, is making ransomware attacks more potent and widespread. This research comprehensively assesses Ransomware-as-a-Service (RAAS) ecosystem phishing detection and prevention solutions. Seven studies compare RAAS-enabled phishing detection and prevention effectiveness, challenges, and trends. The findings recommend a multi-layered, context-aware approach for organizational resilience to shifting cyber threats. This thorough phishing attack detection and security study examines ransomware-as-a-service. Phishing attacks leverage human weaknesses to steal sensitive data and are becoming more sophisticated. Since RAAS makes ransomware attacks easier, even non-technical people may launch deadly ones. Money is making ransomware assaults more common and severe, putting people, organizations, and key infrastructure at risk. These new attacks must be detected and mitigated to safeguard digital assets. This study compares RAAS ecosystem phishing attack defence detection and mitigation technologies to identify strengths, weaknesses, and emerging trends.
8
Ifthikhar, Nimra, Ahthasham Sajid, Adeel Zafar, Atta Ur Rahman, Rida Malik, and Hamza Razzaq. "A Comprehensive Study on Phishing Attack Detection and Mitigation via Ransomware-as-a-Service (RAAS)." Nucleus 61, no. 2 (2025): 93–100. https://doi.org/10.71330/thenucleus.2024.1402.
Full textAbstract:
Ransomware-as-a-Service (RAAS), a new cybercriminal actor, is making ransomware attacks more potent and widespread. This research comprehensively assesses Ransomware-as-a-Service (RAAS) ecosystem phishing detection and prevention solutions. Seven studies compare RAAS-enabled phishing detection and prevention effectiveness, challenges, and trends. The findings recommend a multi-layered, context-aware approach for organizational resilience to shifting cyber threats. This thorough phishing attack detection and security study examines ransomware-as-a-service. Phishing attacks leverage human weaknesses to steal sensitive data and are becoming more sophisticated. Since RAAS makes ransomware attacks easier, even non-technical people may launch deadly ones. Money is making ransomware assaults more common and severe, putting people, organizations, and key infrastructure at risk. These new attacks must be detected and mitigated to safeguard digital assets. This study compares RAAS ecosystem phishing attack defence detection and mitigation technologies to identify strengths, weaknesses, and emerging trends.
9
PRIPAS, Marian-Iulian. "Phishing Attack – Detection and Removal." International Journal of Information Security and Cybercrime 3, no. 1 (2014): 59–64. http://dx.doi.org/10.19107/ijisc.2014.01.07.
Full text
10
Kumar, H. V. Kishan, and Praveen K S. "Phishing Website Detection Using Machine Learning." International Journal for Research in Applied Science and Engineering Technology 11, no. 7 (2023): 1824–26. http://dx.doi.org/10.22214/ijraset.2023.54850.
Full textAbstract:
Abstract: The growing internet user base and reliance on online platforms have led to a growing concern of phishing attacks. Conventional anti-phishing techniques struggle to keep up with evolving tactics. This research proposes a novel approach using machine learning algorithms to combat phishing attacks in real-time. The dataset includes legitimate and phishing websites, with various attack vectors and strategies. Data preprocessing, feature engineering, and machine learning models are trained on the dataset. The proposed approach achieves high accuracy and outperforms traditional rule-based methods. The ensemble models exhibit superior performance in handling both known and unseen phishing attacks. The real-time nature of the system allows for swift adaptation to new and emerging phishing techniques. The system's low computational overhead ensures seamless operation on various platforms without performance degradation.
11
Aslin, Sushmitha R. "Phishing attack detection using gradient boosting." i-manager's Journal on Digital Forensics & Cyber Security 2, no. 1 (2024): 33. http://dx.doi.org/10.26634/jdf.2.1.20840.
Full textAbstract:
Phishing is a prevalent cyber attack that uses deceptive websites to trick individuals into revealing personal information. These sites mimic legitimate ones to steal data such as usernames, passwords, and financial details. Detecting phishing is crucial, and machine learning algorithms are effective tools for this task. Attackers favor phishing due to its effectiveness in tricking victims with authentic-looking yet malicious links, which can breach security measures. This method employs machine learning to innovate phishing website detection. However, attackers can manipulate features like HTML, DOM, and URLs using web scraping and scripting languages. A new approach using machine learning classifiers tackles these threats by analyzing internet URLs and domain names. A dataset sourced from globally recognized intelligence services and organizations facilitates streamlined feature extraction, reducing processing overhead by prioritizing URL and domain name traits. The Gradient Boosting Classifier is used on an 11,055-instance dataset with thirty-two features to classify phishing URLs, demonstrating superior accuracy compared to methods like Random Forest. Gradient boosting is highly effective across various machine learning tasks, leveraging aggregated weak learners such as decision trees for strong predictive accuracy. Its suitability for handling imbalanced datasets makes it particularly effective for phishing detection, which is crucial for distinguishing between legitimate and malicious URLs. This method enhances accuracy by extracting and comparing distinct characteristics of legitimate and phishing URLs. By focusing on URL and domain name attributes, a more effective approach to identifying phishing attempts in cybersecurity is proposed.
12
Anton, Guda, and Klishch Sergey. "Phishing like the first step to gaining access." System technologies 4, no. 147 (2023): 141–54. http://dx.doi.org/10.34185/1562-9945-4-147-2023-13.
Full textAbstract:
Phishing as a term that means the technique of sending phishing messages will be re-searched based on findings in public access and using the listed links. The process of a phish-ing attack will be analyzed, and then we will pay attention to the technical vectors of how us-ers become victims of the attack. Finally, existing research on phishing attacks and related prevention approaches will be reviewed. Mitigating phishing attacks is an important research topic worth exploring. Although a lot of research has been done, this threat still exists in the real world, and its prevalence is constantly increasing. According to research results, detecting phishing attacks is a difficult problem. There are two main strategies used to mitigate phishing attacks; or improving the performance of phishing detection technology or improving people's awareness of these at-tacks. Developing human expertise is a key way to defeat phishing attacks, as phishing attacks exploit human weaknesses rather than network weaknesses. Also, humans are always the weakest link in social engineering attacks. Compared to phishing website detection, phishing email detection may require user in-volvement to achieve better detection results. Because the success of a phishing email de-pends on its context. Specifically, when the premise of the phishing email is consistent with the user's work context (or current situation). Most anti-phishing solutions are implemented to mitigate general phishing attacks, but they ignore some specific situations, such as advanced phishing attacks. To prevent advanced phishing attacks, phishing websites are difficult to detect if a victim is attacked using stolen DNS data because the URL content and website content are the same as legitimate websites. Most content-based approaches may not work because the content of the accessed URL is an important factor in the decision. To prevent subdomain hijacking attacks, it is difficult to detect a phishing website if the phishers have hosted the website on a subdomain taken from a legitimate website. Regardless of the web content, URL, and SSL certificate information, they will all be the same as the le-gitimate website. Moreover, the approach to enumeration of subdomains needs improvement, as most current tools are based on rough enumeration, existing dictionaries may not cover all instances of subdomains, as some subdomains may be meaningless.
13
Loh, Peter K. K., Aloysius Z. Y. Lee, and Vivek Balachandran. "Towards a Hybrid Security Framework for Phishing Awareness Education and Defense." Future Internet 16, no. 3 (2024): 86. http://dx.doi.org/10.3390/fi16030086.
Full textAbstract:
The rise in generative Artificial Intelligence (AI) has led to the development of more sophisticated phishing email attacks, as well as an increase in research on using AI to aid the detection of these advanced attacks. Successful phishing email attacks severely impact businesses, as employees are usually the vulnerable targets. Defense against such attacks, therefore, requires realizing defense along both technological and human vectors. Security hardening research work along the technological vector is few and focuses mainly on the use of machine learning and natural language processing to distinguish between machine- and human-generated text. Common existing approaches to harden security along the human vector consist of third-party organized training programmes, the content of which needs to be updated over time. There is, to date, no reported approach that provides both phishing attack detection and progressive end-user training. In this paper, we present our contribution, which includes the design and development of an integrated approach that employs AI-assisted and generative AI platforms for phishing attack detection and continuous end-user education in a hybrid security framework. This framework supports scenario-customizable and evolving user education in dealing with increasingly advanced phishing email attacks. The technological design and functional details for both platforms are presented and discussed. Performance tests showed that the phishing attack detection sub-system using the Convolutional Neural Network (CNN) deep learning model architecture achieved the best overall results: above 94% accuracy, above 95% precision, and above 94% recall.
14
Almuhaideb, Abdullah M., Nida Aslam, Almaha Alabdullatif, et al. "Homoglyph Attack Detection Model Using Machine Learning and Hash Function." Journal of Sensor and Actuator Networks 11, no. 3 (2022): 54. http://dx.doi.org/10.3390/jsan11030054.
Full textAbstract:
Phishing is still a major security threat in cyberspace. In phishing, attackers steal critical information from victims by presenting a spoofing/fake site that appears to be a visual clone of a legitimate site. Several Unicode characters are visually identical to ASCII characters. This similarity in characters is generally known as homoglyphs. Malicious adversaries utilize homoglyphs in URLs and DNS domains to target organizations. To reduce the risks caused by phishing attacks, effective ways of detecting phishing websites are urgently required. This paper proposes a homoglyph attack detection model that combines a hash function and machine learning. There are two phases to the model approach. The machine was being trained during the development phase. The deployment phase involved deploying the model with a Java interface and testing the outcomes through actual user interaction. The results are more accurate when the URL is hashed, as any little changes to the URL can be recognized. The homoglyph detector can be developed as a stand-alone software that is used as the initial step in requesting a webpage as it enhances browser security and protects websites from phishing attempts. To verify the effectiveness, we compared the proposed model on several criteria to existing phishing detection methods. By using the hash function, the proposed security features increase the overall security of the homoglyph attack detection in terms of accuracy, integrity, and availability. The experiment results showed that the model can detect phishing sites with an accuracy of 99.8% using Random Forest, and the hash function improves the accuracy of homoglyph attack detection.
15
Thang, Nguyen Manh, Lê Quang Anh, Hứa Song Toàn, and Nguyễn Quốc Trung. "A novel method for detecting URLs phishing using hybrid machine learning algorithm." Journal of Science and Technology on Information security 2, no. 19 (2023): 15–28. http://dx.doi.org/10.54654/isj.v2i19.978.
Full textAbstract:
Abstract— The phishing attack is the type of cyberattack that targets people’s trust by masking the malicious intent of the attack as communications from reputable sources. The goal is to steal sensitive data from the victim(s) (banking information, social identification, credentials, etc.) for various purposes (selling for monetary gain, performing identity thief, using as a lever for escalation attack). In 2022, the number of reported phishing attacks will reach a whopping 255 million cases, an increment of 61% compared to 2021. Existing methods of phishing URL detection have limitations. The article proposes a method to increase the accuracy of detecting malicious URL by using machine learning methods Linear Support Vector Classification and multinomial Naive Bayes with voting mechanisms.
16
Jain, Ankit Kumar, and B. B. Gupta. "Phishing Detection: Analysis of Visual Similarity Based Approaches." Security and Communication Networks 2017 (2017): 1–20. http://dx.doi.org/10.1155/2017/5421046.
Full textAbstract:
Phishing is one of the major problems faced by cyber-world and leads to financial losses for both industries and individuals. Detection of phishing attack with high accuracy has always been a challenging issue. At present, visual similarities based techniques are very useful for detecting phishing websites efficiently. Phishing website looks very similar in appearance to its corresponding legitimate website to deceive users into believing that they are browsing the correct website. Visual similarity based phishing detection techniques utilise the feature set like text content, text format, HTML tags, Cascading Style Sheet (CSS), image, and so forth, to make the decision. These approaches compare the suspicious website with the corresponding legitimate website by using various features and if the similarity is greater than the predefined threshold value then it is declared phishing. This paper presents a comprehensive analysis of phishing attacks, their exploitation, some of the recent visual similarity based approaches for phishing detection, and its comparative study. Our survey provides a better understanding of the problem, current solution space, and scope of future research to deal with phishing attacks efficiently using visual similarity based approaches.
17
Djaballah, kamel Ahsene, Kamel Boukhalfa, Mohamed Amine Guelmaoui, Amir Saidani, and Yassine Ramdane. "A Proposal Phishing Attack Detection System on Twitter." International Journal of Information Security and Privacy 16, no. 1 (2022): 1–27. http://dx.doi.org/10.4018/ijisp.309131.
Full textAbstract:
The security of personal data is crucial for a company or any individual. Phishing is one of the most common and dangerous cybercrime attacks. These attacks aim to steal information used by individuals and organizations using social engineering, which is a key point for the success of the phishing attack. Even though there are several systems and solutions, the amount of personal information stolen continues to increase as cyberattacks become more difficult to detect. This paper consists of a broad review to study the work carried out in the fight against phishing and the identification of vulnerabilities in existing systems to achieve better efficiency. The authors focused on the social medium Twitter to study the phishing attacks passing through this medium, and they present their new design, which is based on new features. The classification of the approach includes 23 features and uses the MLP artificial neural network (ANN MLP) algorithm. Experiments show that the system is effective at detecting phishing sites, with a 96% success rate using recent data.
18
Noori, Nematullah, Vyenkatesh Bawanthad, Mayur Pakhare, Ramashray Agrawal, and Vinod Kimbahune. "Phishing URL Detection using Machine Learning." International Journal for Research in Applied Science and Engineering Technology 11, no. 5 (2023): 3645–48. http://dx.doi.org/10.22214/ijraset.2023.52342.
Full textAbstract:
Abstract: Phishing attacks continue to pose a major threat for computer system defenders, often forming the first step in a multistage attack. There have been great strides made in phishing detection; however,some phishing emails appear to pass through filters by making simple structural and semantic changes to the messages. We tackle this problem through the use of a machine learning classifier operating on a large corpus of phishing and legitimate emails. We design a system to extract features, elevating some to higherlevel feature, that are meant to defeat common phishing email detection strategies. This paper presents an approach to detect phishing URLs in an efficient way based on URL features only. For detecting the phishing URLs SVM classifier is used. The performances are evaluated for different size of datasets using different number of features. The results are compared with other machine learning classification techniques. The proposed system is able to detect phishing websites using URL features only.
19
Gupta, Suraj Rakesh. "Review on Phishing Attack Detection using Recurrent Neural Network." International Journal for Research in Applied Science and Engineering Technology 9, no. 11 (2021): 185–88. http://dx.doi.org/10.22214/ijraset.2021.38756.
Full textAbstract:
Abstract: Phishing is a crime that involves the theft of personal information from users. Individuals, corporations, cloud storage, and government websites are all targets for the phishing websites. Anti-phishing technologies based on hardware are commonly utilised, while software-based options are preferred due to cost and operational considerations. Current phishing detection systems have no solution for problems like zero-day phishing assaults. To address these issues, a three-phase attack detection system called the Phishing Attack Detector based on Web Crawler was suggested, which uses a recurrent neural network to precisely detect phishing incidents. Based on the classification of phishing and non-phishing pages, it covers the input features Web traffic, web content, and Uniform Resource Locator (URL). Keywords: Attack detection, Recurrent Neural Network, Deep Learning.
20
Glăvan, Dragoș. "Detection of phishing attacks using the anti-phishing framework." Scientific Bulletin of Naval Academy XXIII, no. 1 (2020): 208–12. http://dx.doi.org/10.21279/1454-864x-20-i1-028.
Full textAbstract:
. In the area of computer security, phishing is a form of criminal activity that involves obtaining sensitive data, such as access data for banking applications, e-commerce applications (such as eBay or PayPal) or credit card information, using techniques to manipulate the identity data of a person or institution. A phishing attack consists of sending the attacker an electronic message, using instant messaging software or telephone, in which the user is advised to give his confidential data to win certain prizes, or is informed that they are prizes. necessary due to technical errors that led to the loss of the original data. According to the reports of the AntiPhishing Working Group (APWG) published in December 2018, phishing against banking and the payment processor was high. Almost all phishy URLs use HTTPS and use redirects to avoid detection. This paper is a comparative survey of the available methods for detecting phishing sites. There has been a comparative study of anti-phishing tools and their limitations have been found. An anti-phishing model, a framework to help detect these attacks, is discussed. The identification of this type of attack is a very important problem considering that, at present, people carry out many online transactions regarding money transfer, payment of bills or purchases.
21
Tsehay, Admassu Assegie. "K-Nearest Neighbor Based URL Identification Model for Phishing Attack Detection." Indian Journal of Artificial Intelligence and Neural Networking (IJAINN) 1, no. 2 (2021): 18–21. https://doi.org/10.54105/ijainn.B1019.041221.
Full textAbstract:
Phishing causes many problems in business industry. The electronic commerce and electronic banking such as mobile banking involves a number of online transaction. In such online transactions, we have to discriminate features related to legitimate and phishing websites in order to ensure security of the online transaction. In this study, we have collected data form phish tank public data repository and proposed K-Nearest Neighbors (KNN) based model for phishing attack detection. The proposed model detects phishing attack through URL classification. The performance of the proposed model is tested empirically and result is analyzed. Experimental result on test set reveals that the model is efficient on phishing attack detection. Furthermore, the K value that gives better accuracy is determined to achieve better performance on phishing attack detection. Overall, the average accuracy of the proposed model is 85.08%.
22
Sai, Garikapati Charan, Akula Rishika, Garlapati Dheeraj Reddy, Reddyvari Venkateswara Reddy, and Punyaban Patel. "Phishing Detection: A Multilayer Approach to Scale Down Phishing." International Journal for Research in Applied Science and Engineering Technology 12, no. 4 (2024): 601–8. http://dx.doi.org/10.22214/ijraset.2024.59828.
Full textAbstract:
Abstract: Detection of phishing scams is a process to detect phishing attempts before they happen, inform administrators and users about them, and most importantly reduce the risk. Phishing is a form of cybercrime in which hackers attempt to trick victims into revealing confidential information, e.g. passwords or financial details, by pretending that they're an efficient source for the attack via email and most commonly text messaging. Since phishing is mostly a semantics-based attack that targets human vulnerabilities, identifying these phishing websites can be difficult. The authors suggested this project as a solution to this problem. By identifying and quickly warning users of potential phishing and malware threats, our project aims to improve online security. This all-inclusive method includes Greek alphabet analysis, port forwarding detection, database comparison, grammar analysis utilizing NLP libraries, and many more. A modified version of phishing detection technique has been suggested which integrates Greek alphabet analysis , port forwarding detection and homograph attack detection.
23
Butnaru, Andrei, Alexios Mylonas, and Nikolaos Pitropakis. "Towards Lightweight URL-Based Phishing Detection." Future Internet 13, no. 6 (2021): 154. http://dx.doi.org/10.3390/fi13060154.
Full textAbstract:
Nowadays, the majority of everyday computing devices, irrespective of their size and operating system, allow access to information and online services through web browsers. However, the pervasiveness of web browsing in our daily life does not come without security risks. This widespread practice of web browsing in combination with web users’ low situational awareness against cyber attacks, exposes them to a variety of threats, such as phishing, malware and profiling. Phishing attacks can compromise a target, individual or enterprise, through social interaction alone. Moreover, in the current threat landscape phishing attacks typically serve as an attack vector or initial step in a more complex campaign. To make matters worse, past work has demonstrated the inability of denylists, which are the default phishing countermeasure, to protect users from the dynamic nature of phishing URLs. In this context, our work uses supervised machine learning to block phishing attacks, based on a novel combination of features that are extracted solely from the URL. We evaluate our performance over time with a dataset which consists of active phishing attacks and compare it with Google Safe Browsing (GSB), i.e., the default security control in most popular web browsers. We find that our work outperforms GSB in all of our experiments, as well as performs well even against phishing URLs which are active one year after our model’s training.
24
Nthurima, Fredrick, Abraham Mutua, and Waithaka Stephen Titus. "Detecting Phishing Emails Using Random Forest and AdaBoost Classifier Model." Open Journal for Information Technology 6, no. 2 (2023): 123–36. http://dx.doi.org/10.32591/coas.ojit.0602.03123n.
Full textAbstract:
Phishing attack occurs when a phishing email which is a legitimate-looking email, designed to lure the recipient into believing that it is a genuine email to open and click malicious links embedded into the email. This leads to user reveal sensitive information such as credit card number, usernames or passwords to the attacker thereby gaining entry into the compromised account. Online surveys have put phishing attack as the leading attack for web content mostly targeting financial institutions. According to a survey conducted by Ponemon Institute LLC 2017, the loss due to phishing attack is about $1.5 billion per year. This is a global threat to information security and it’s on the rise due to IoT (Internet of Things) and thus requires a better phishing detection mechanism to mitigate these loses and reputation injury. This research paper explores and reports the use of a combination of machine learning algorithms; Random Forest and AdaBoost and use of more phishing email features in improving the accuracy of phishing detection and prevention. This project will explore the existing phishing methods, investigate the effect of combining two machine learning algorithms to detect and prevent phishing attacks, design and develop a supervised classifier which can detect phishing and prevent phishing emails and test the model with existing data. A dataset consisting of both benign and phishing emails will be used to conduct a supervised learning by the model. Expected accuracy is 99.9%, False Negative (FN) and False Positive (FP) rates of 0.1% and below.
25
R G, Rahul. "PHISHING - UNVIELLING ITS TECHNIQUES." INTERANTIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT 08, no. 05 (2024): 1–5. http://dx.doi.org/10.55041/ijsrem34118.
Full textAbstract:
This study offers a detailed investigation of phishing attacks, a common cybersecurity danger aimed at individuals and organizations globally. It explores the reasons behind phishing attacks, which vary from making money to taking advantage of people's psychology. The research underscores the necessity for thorough detection systems and protective measures in order to effectively combat phishing. A study among knowledgeable individuals in the cybersecurity sector provides information on their awareness and vulnerability to phishing attempts. The results highlight how common phishing attacks are and the significance of grasping various attack vectors. KEYWORDS : Cyber Threat, Cyber Security, Phishing, Social Engineering, Identity Theft.
26
Zhou, Liang, Akshat Gaurav, Varsha Arya, Razaz Waheeb Attar, Shavi Bansal, and Ahmed Alhomoud. "Enhancing Phishing Detection in Semantic Web Systems Using Optimized Deep Learning Models." International Journal on Semantic Web and Information Systems 20, no. 1 (2024): 1–13. http://dx.doi.org/10.4018/ijswis.361772.
Full textAbstract:
Phishing detection in Semantic Web systems is crucial to safeguarding users from malicious attacks. In this context, this work presents a deep learning-based phishing attack detection model using MobileBERT for feature extraction and hyperparameter optimization using covariance matrix adaptation evolution strategy (CMA-ES). The model obtained a 95% classification accuracy. Important benchmarks like accuracy, recall, and F1-score show good ability to discriminate between phishing and legitimate emails. Applying CMA-ES, which improved detection accuracy, helps to verify the model even more. MobileBERT and CMA-ES together offer Semantic Web systems a fresh, efficient method of phishing detection.
27
Assegie, Tsehay Admassu. "K-Nearest Neighbor Based URL Identification Model for Phishing Attack Detection." Indian Journal of Artificial Intelligence and Neural Networking 1, no. 2 (2021): 18–21. http://dx.doi.org/10.35940/ijainn.b1019.041221.
Full textAbstract:
Phishing causes many problems in business industry. The electronic commerce and electronic banking such as mobile banking involves a number of online transaction. In such online transactions, we have to discriminate features related to legitimate and phishing websites in order to ensure security of the online transaction. In this study, we have collected data form phish tank public data repository and proposed K-Nearest Neighbors (KNN) based model for phishing attack detection. The proposed model detects phishing attack through URL classification. The performance of the proposed model is tested empirically and result is analyzed. Experimental result on test set reveals that the model is efficient on phishing attack detection. Furthermore, the K value that gives better accuracy is determined to achieve better performance on phishing attack detection. Overall, the average accuracy of the proposed model is 85.08%.
28
Assegie, Tsehay Admassu. "K-Nearest Neighbor Based URL Identification Model for Phishing Attack Detection." Indian Journal of Artificial Intelligence and Neural Networking 1, no. 2 (2021): 18–21. http://dx.doi.org/10.54105/ijainn.b1019.041221.
Full textAbstract:
Phishing causes many problems in business industry. The electronic commerce and electronic banking such as mobile banking involves a number of online transaction. In such online transactions, we have to discriminate features related to legitimate and phishing websites in order to ensure security of the online transaction. In this study, we have collected data form phish tank public data repository and proposed K-Nearest Neighbors (KNN) based model for phishing attack detection. The proposed model detects phishing attack through URL classification. The performance of the proposed model is tested empirically and result is analyzed. Experimental result on test set reveals that the model is efficient on phishing attack detection. Furthermore, the K value that gives better accuracy is determined to achieve better performance on phishing attack detection. Overall, the average accuracy of the proposed model is 85.08%.
29
Mounika, N., G. P. Amrutha, V. Krupavani, CH Kumar Raja, and A. Raj Prakash. "A Proactive Approach for Fake Website Detection Using Machine Learning." INTERANTIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT 09, no. 04 (2025): 1–9. https://doi.org/10.55041/ijsrem43597.
Full textAbstract:
Phishing is a cyber-attack technique that employs fraudulent websites to trick individuals into revealing sensitive information, such as passwords, usernames, and financial details. With the rising prevalence of phishing attacks, developing robust detection systems is essential to safeguard individuals and organizations. The proposed system leverages a dataset comprising features derived from website components, including URL structure, domain attributes, and content properties. In the preprocessing stage, the dataset is refined by cleaning the data and selecting pertinent features to enhance the identification of phishing websites. The system employs advanced classification models, namely XGBoost, CatBoost, and LightGBM, to accurately distinguish between legitimate and phishing websites. These gradient-boosting-based approaches enhance online security and mitigate the risks posed by phishing attacks. Keywords: Phishing, Cybersecurity, Machine Learning, XGBoost, CatBoost, LightGBM
30
Ahammad, Shaik Irshad, Amanchi Kalpana, and Karthikram A. "AntiPhishStack 2.0: A Transformer-Driven Framework for Robust Phishing URL Detection." International Research Journal of Innovations in Engineering and Technology 09, Special Issue (2025): 255–60. https://doi.org/10.47001/irjiet/2025.inspire41.
Full textAbstract:
Phishing attacks have become a widely widespread cybersecurity threat, exploiting consumer vulnerabilities by mimicking legitimate web sites to thieve touchy facts. current detection structures regularly fail to adapt to evolving attack styles, in particular 0-day phishing attacks. This paper introduces AntiPhishStack 2.0, an enhanced phishing URL detection framework that leverages transformer-primarily based contextual analysis, GRUs with attention mechanisms for sequential dependencies, and superior characteristic engineering techniques. The machine employs a hybrid two-phase architecture and a CatBoost meta-classifier to obtain advanced detection accuracy, efficiency, and adaptability. Experimental effects on benchmark datasets show a detection accuracy of 98.01%, outperforming conventional models. The inclusion of light-weight deployment alternatives, along with TensorFlow Lite and ONNX, ensures actual-time applicability even in resource-limited environments. AntiPhishStack 2.0 sets a new benchmark in phishing detection, imparting sturdy defenses against sophisticated phishing strategies.
31
Desai, Viraj, and Kavitha R. "Unveiling the Depths of Phishing: Understanding Tactics, Impacts, and Countermeasures." International Journal of Innovative Research in Science,Engineering and Technology 13, no. 05 (2024): 8596–600. http://dx.doi.org/10.15680/ijirset.2024.1305331.
Full textAbstract:
Phishing attacks have emerged as a pervasive threat in the cybersecurity landscape, exploiting human vulnerabilities to compromise sensitive information and perpetrate cybercrime. This paper provides a comprehensive examination of phishing attacks, encompassing their methods, prevalence, and impact on individuals and organizations. Through an in-depth literature review, we delve into the various types of phishing attacks, including email phishing, spear phishing, and pharming, elucidating their distinct characteristics and methodologies. We highlight the significant financial and reputational costs incurred by victims of phishing attacks across different sectors. Despite advancements in cybersecurity technologies and awareness programs, phishing attacks persist as a prominent attack vector due to their adaptability and sophistication. Current mitigation strategies, such as email filtering, user education, and multi-factor authentication, offer some defense against phishing attacks but are not without limitations. Building upon this foundation, we discuss emerging trends in phishing attack vectors and explore the potential of advanced technologies, such as machine learning, artificial intelligence, and blockchain, to enhance phishing detection and prevention capabilities. Furthermore, we underscore the importance of collaboration between industry stakeholders, government agencies, and cybersecurity researchers in combating phishing attacks and fortifying cyber resilience. By fostering greater awareness and cooperation within the cybersecurity community, we can develop more effective defenses against phishing attacks and mitigate the impact of future cyber threats.
32
Kim, Bong-Hyun. "Design of Efficient Phishing Detection Model using Machine Learning." Tehnički glasnik 18, no. 1 (2024): 37–42. http://dx.doi.org/10.31803/tg-20230219213151.
Full textAbstract:
Abstract: Recently, there have been cases of phishing attempts to steal personal information through fake sites disguised as major sites. Although phishing attacks continue and increase, countermeasures remain in the form of defense after identifying the attack. Therefore, in this paper, we designed a phishing detection model using machine learning that provides knowledge and prediction by learning patterns from data input to a computer. For this, an analysis model was built using sklearn logistic regression, and the phishing probability was visualized using a heatmap. In addition, a graph was used to visually indicate the result, and a function for attribute information of a phishing website was provided.
33
Jazyah, Yahia Hasan, and Luai Al Shalabi. "Phishing detection using clustering and machine learning." IAES International Journal of Artificial Intelligence (IJ-AI) 13, no. 4 (2024): 4526. http://dx.doi.org/10.11591/ijai.v13.i4.pp4526-4536.
Full textAbstract:
<span lang="EN-US">Phishing is a prevalent and evolving cyber threat that continues to exploit human vulnerability to deceive individuals and organizations into revealing sensitive information. Phishing attacks encompass a range of tactics, from deceptive emails and fraudulent websites to social engineering techniques. Traditional methods of detection, such as signature-based approaches and rule-based filtering, have proven to be limited in their effectiveness, as attackers frequently adapt and create new, previously unseen phishing campaigns. Consequently, there is a growing need for more sophisticated and adaptable detection methods. In recent years, Machine Learning (ML) and Artificial Intelligence (AI) have played a significant role in enhancing phishing detection. These technologies leverage large datasets to train models capable of recognizing subtle patterns and anomalies in both email content and website behavior. This research proposes a hybrid algorithm to detect phishing attack based on clustering and classification ML methods (CMLM): Deep Learning (DL) and Decision Tree (DT). Simulation results show that the proposed technique achieves high percentage of accuracy in detecting phishing</span>
34
Dadkhah, Mehdi, Shahaboddin Shamshirband, and Ainuddin Wahid Abdul Wahab. "A hybrid approach for phishing web site detection." Electronic Library 34, no. 6 (2016): 927–44. http://dx.doi.org/10.1108/el-07-2015-0132.
Full textAbstract:
Purpose This paper aims to present a hybrid approach based on classification algorithms that was capable of identifying different types of phishing pages. In this approach, after eliminating features that do not play an important role in identifying phishing attacks and also after adding the technique of searching page title in the search engine, the capability of identifying journal phishing and phishing pages embedded in legal sites was added to the presented approach in this paper. Design/methodology/approach The hybrid approach of this paper for identifying phishing web sites is presented. This approach consists of four basic sections. The action of identifying phishing web sites and journal phishing attacks is performed via selecting two classification algorithms separately. To identify phishing attacks embedded in legal web sites also the method of page title searching is used and then the result is returned. To facilitate identifying phishing pages the black list approach is used along with the proposed approach so that the operation of identifying phishing web sites can be performed more accurately, and, finally, by using a decision table, it is judged that the intended web site is phishing or legal. Findings In this paper, a hybrid approach based on classification algorithms to identify phishing web sites is presented that has the ability to identify a new type of phishing attack known as journal phishing. The presented approach considers the most used features and adds new features to identify these attacks and to eliminate unused features in the identifying process of these attacks, does not have the problems of previous techniques and can identify journal phishing too. Originality/value The major advantage of this technique was considering all of the possible and effective features in identifying phishing attacks and eliminating unused features of previous techniques; also, this technique in comparison with other similar techniques has the ability of identifying journal phishing attacks and phishing pages embedded in legal sites.
35
Muhammad, Aamir Awan. "Pishing Attacks in Network Security." LC International Journal of STEM 1, no. 1 (2020): 29–33. https://doi.org/10.5281/zenodo.5005226.
Full textAbstract:
In the last few decays, phishing tricks have swiftly grown posing enormous threat to worldwide Internet security. These days, phishing attacks are one of the utmost common and serious threats over internet whereas cyber attackers are trying to steal users personal information regarding their financial assets by using different malwares and social engineering. The usual way of phishing attacks use some electronic messaging like emails or by providing the links that appears to be legitimate sites but actually these sites are malicious and controlled by the attackers. To detect phishing attack at high accuracy is always a crucial and has been great issue of interest. Recently many detection techniques has been introduced which are specifically designed for the detection of phishing with extreme accuracy. In this report the phishing attacks are discuss with some of the techniques which are proposed in various literature.
36
Abdulrahman, Lozan Mohammed, Sarkar Hasan Ahmed, Zryan Najat Rashid, Yousif Sufyan Jghef, Teba Mohammed Ghazi, and Umed H. Jader. "Web Phishing Detection Using Web Crawling, Cloud Infrastructure and Deep Learning Framework." Journal of Applied Science and Technology Trends 4, no. 01 (2023): 54–71. http://dx.doi.org/10.38094/jastt401144.
Full textAbstract:
The pandemic of COVID-19 obliges citizens to follow the “work from home “scheme. The Internet is also a powerful channel for social connections. The huge dependency of people on digital media opens doors to fraud. Phishing is a form of cybercrime that is used to rob users of passwords from online banking, e-commerce, online schools, digital markets, and others. Phishers create bogus websites like the original and deliver users spam mails. When an online user visits fake web pages via spam, phishers steal their credentials. As a result, it is important to identify these forms of fraudulent websites until they do any harm to victims. Inspired by the ever-changing existence of phishing websites. This paper reviews the work on Phishing attack detection and aims to examine techniques that mainly detect and help in preventing phishing attacks rather than mitigating them. Here we offered a general overview of the most effective phishing attack detection strategies focused on deep learning.
37
Y, Dwarakasai. "LSTM Based Phishing Detection for Big Email Data." International Journal for Research in Applied Science and Engineering Technology 13, no. 3 (2025): 2607–10. https://doi.org/10.22214/ijraset.2025.67874.
Full textAbstract:
Phishing attacks remain a significant concern for email security and typically utilize fraudulent messages that appear legitimate. In this study, we propose a new method that appropriately identifies phishing attacks based on email traffic using advanced NLP methods coupled with LSTM networks. The approach begins by applying NLP techniques to extract and analyze email content to identify specific linguistic cues indicative of phishing as well as other features in the text. The identified features will serve as inputs to the LSTM model which is suited to sequences of data and will help the system recognize patterns to discriminate a phishing attack from a non-phishing email. With deep learning systems and advanced NLP techniques, the proposed system has a high degree of accuracy when processing an abundance of emails. One of the major strengths of the proposed system is that it minimizes and attempts to eliminate false positives which can cause legitimate emails to be flagged as phishing attempts. The objective of this research is to improve email security by employing an effective and efficient mechanism for detecting Detecting possible phishing threats instantly.
38
Gürfidan, Remzi. "INTELLIGENT METHODS IN CYBER DEFENCE: MACHINE LEARNING BASED PHISHING ATTACK DETECTION ON WEB PAGES." Mühendislik Bilimleri ve Tasarım Dergisi 12, no. 2 (2024): 416–29. http://dx.doi.org/10.21923/jesd.1458955.
Full textAbstract:
Phishing attack on web pages is a type of malicious attack that aims to steal personal and sensitive information of internet users. Phishing attacks are usually conducted through various communication channels such as email, SMS, social media messages or websites. Users are directed to fake web pages of trusted organizations such as government agencies, banks, online shopping sites, etc. and asked to enter their personal information. These fake web pages may look remarkably like the original sites and are designed to mislead users. In this study, we used machine learning methods to detect the phishing attack threat of web pages and made significant progress in this area. Extensive analysis of six different machine learning algorithms showed that the Extra Trees algorithm yielded the most successful results. To further improve this success, we fine-tuned the Extra Trees algorithm and increased the correct classification success to 97.9%. In future studies, we would like to expand the dataset to include other machine learning methods to investigate the use of this technology in areas such as malware detection or the prevention of phishing attacks. This would be a crucial step towards providing more comprehensive protection in the field of cybersecurity.
39
Al-Sarem, Mohammed, Faisal Saeed, Zeyad Ghaleb Al-Mekhlafi, et al. "An Optimized Stacking Ensemble Model for Phishing Websites Detection." Electronics 10, no. 11 (2021): 1285. http://dx.doi.org/10.3390/electronics10111285.
Full textAbstract:
Security attacks on legitimate websites to steal users’ information, known as phishing attacks, have been increasing. This kind of attack does not just affect individuals’ or organisations’ websites. Although several detection methods for phishing websites have been proposed using machine learning, deep learning, and other approaches, their detection accuracy still needs to be enhanced. This paper proposes an optimized stacking ensemble method for phishing website detection. The optimisation was carried out using a genetic algorithm (GA) to tune the parameters of several ensemble machine learning methods, including random forests, AdaBoost, XGBoost, Bagging, GradientBoost, and LightGBM. The optimized classifiers were then ranked, and the best three models were chosen as base classifiers of a stacking ensemble method. The experiments were conducted on three phishing website datasets that consisted of both phishing websites and legitimate websites—the Phishing Websites Data Set from UCI (Dataset 1); Phishing Dataset for Machine Learning from Mendeley (Dataset 2, and Datasets for Phishing Websites Detection from Mendeley (Dataset 3). The experimental results showed an improvement using the optimized stacking ensemble method, where the detection accuracy reached 97.16%, 98.58%, and 97.39% for Dataset 1, Dataset 2, and Dataset 3, respectively.
40
Atlam, Hany F., and Olayonu Oluwatimilehin. "Business Email Compromise Phishing Detection Based on Machine Learning: A Systematic Literature Review." Electronics 12, no. 1 (2022): 42. http://dx.doi.org/10.3390/electronics12010042.
Full textAbstract:
The risk of cyberattacks against businesses has risen considerably, with Business Email Compromise (BEC) schemes taking the lead as one of the most common phishing attack methods. The daily evolution of this assault mechanism’s attack methods has shown a very high level of proficiency against organisations. Since the majority of BEC emails lack a payloader, they have become challenging for organisations to identify or detect using typical spam filtering and static feature extraction techniques. Hence, an efficient and effective BEC phishing detection approach is required to provide an effective solution to various organisations to protect against such attacks. This paper provides a systematic review and examination of the state of the art of BEC phishing detection techniques to provide a detailed understanding of the topic to allow researchers to identify the main principles of BEC phishing detection, the common Machine Learning (ML) algorithms used, the features used to detect BEC phishing, and the common datasets used. Based on the selected search strategy, 38 articles (of 950 articles) were chosen for closer examination. Out of these articles, the contributions of the selected articles were discussed and summarised to highlight their contributions as well as their limitations. In addition, the features of BEC phishing used for detection were provided, as well as the ML algorithms and datasets that were used in BEC phishing detection models were discussed. In the end, open issues and future research directions of BEC phishing detection based on ML were discussed.
41
Sandhya, S. Dhakane, S. Badgujar Apurva, Bagwan Sohel, and Kudle Bharti. "Detecting Phishing Attack and Spam Email Classification." Detecting Phishing Attack and Spam Email Classification 4, no. 1 (2019): 9–13. https://doi.org/10.5281/zenodo.2602658.
Full textAbstract:
<em>Now a days phishing Attack could be a threat that acquire sensitive data like user-name, watchword etc through on-line. Phishing email contains messages like raise the users to enter the non-public data so it's simple for hackers to hack the knowledge. Phishing could be a sort of on-line fraud that aims to steal sensitive data like on-line passwords and master card data. To beat this issues associated with security we have a tendency to developed application which supplies mobile and email verification, invisible virtual keyboard that pattern can we have a tendency to be sent to users email account from that user are sort thatdigit and login with success. Conjointly we have a tendency to plan the Spam email detection victimization classification.</em>
42
Sospeter, Birir Kipchirchir, and Wilfred Odoyo. "AI-Based Phishing Attack Detection And Prevention Using Natural Language Processing (NLP)." IC-ITECHS 5, no. 1 (2024): 597–602. https://doi.org/10.32664/ic-itechs.v5i1.1590.
Full textAbstract:
Phishing attacks remain one of the most prevalent and damaging cybersecurity threats, targeting users across various communication channels such as email, social media, and SMS. Traditional phishing detection systems are often limited to email and rely on static rule-based filtering or keyword matching, making them ineffective against evolving phishing tactics. This project proposes an innovative solution that utilizes Artificial Intelligence (AI) and Natural Language Processing (NLP) to create a real-time phishing attack detection and prevention system. By analyzing the contextual language of messages across multiple platforms, the system can detect and block phishing attempts with high accuracy. The system extracts important linguistic features such as urgency, emotional tone, and anomalous patterns within text, and applies machine learning algorithms—such as Random Forest, Support Vector Machines (SVM), and deep learning models like Long Short-Term Memory Networks (LSTM)—for classification. Additionally, a feedback loop is integrated to allow the system to adapt and improve over time through active learning, ensuring the detection system evolves alongside emerging phishing techniques. This AI-based solution extends beyond traditional email phishing detection by incorporating multiple channels, including SMS and social media platforms, making it a versatile tool for individuals and businesses. The system offers automated prevention actions, such as flagging suspicious messages and alerting users, thus providing a robust defense against phishing attacks in real-time. The project's implementation aims to fill the market gap in comprehensive, multi-channel phishing detection and contribute to the growing demand for intelligent and adaptive cybersecurity solutions.
43
Kaushik, Priyanka, and Saurabh Pratap Singh Rathore. "Deep Learning Multi-Agent Model for Phishing Cyber-attack Detection." International Journal on Recent and Innovation Trends in Computing and Communication 11, no. 9s (2023): 680–86. http://dx.doi.org/10.17762/ijritcc.v11i9s.7674.
Full textAbstract:
Phishing attacks have become one of the most prominent cyber threats in recent times, which poses a significant risk to the security of organizations and individuals. Therefore, detecting such Cyber attacks has become crucial to ensure a secure digital environment. In this regard, deep learning techniques have shown promising results for the detection of phishing attacks due to their ability to learn and extract features from raw data. In this study, we propose a deep learning-based approach to detecting phishing attacks by using a combination of convolutional neural networks (CNN) and long short-term memory (LSTM) networks. Our proposed model extracts features from the URL and email content to detect phishing attempts. We evaluate the proposed approach on a real-world dataset and achieve an accuracy of over 95%. The results indicate that the proposed approach can effectively detect phishing attacks and can be utilized in real-world applications to ensure a secure digital environment.
44
Foozy, Cik Feresa Mohd, Muhammad Amir Izaan Anuar, Andi Maslan, Husaini Aza Mohd Adam, and Hairulnizam Mahdin. "Phishing URLs Detection Using Naives Baiyes, Random Forest and LightGBM Algorithms." International Journal of Data Science 5, no. 1 (2024): 56–63. https://doi.org/10.18517/ijods.5.1.56-63.2024.
Full textAbstract:
In response to the increasing complexity of phishing attacks, particularly in Malaysia, this study aims to compare the accuracy and precision effectiveness of three machine learning algorithms Naive Bayes, Random Forest and LightGBM in detecting URL (Uniform Resource Locator) phishing. This research employs a comprehensive four-stages methodology including data collection, preprocessing, feature selection, and classification to analyze data for URL phishing attacks classification. The objectives are to identify phishing attack features based on dataset using and machine learning algorithms, to compare between three classification algorithms of Naïve Bayes, Random Forest, and Light Gradient Boosting Model (LightGBM), and to evaluate the model in terms of accuracy, and precision using machine learning algorithms. Through this comparative analysis, the study seeks to develop a phishing detection model, to identify the suitable features and classification algorithms for the datasets. The result accuracy, precision for NB, Random & LightGBM. The Accuracy result of Naives Baiyes is 94.24%, the result of Random Forest is 94.80% and the result of LightGBM is 95.00%.
45
Mr., Ayan Ghosh, and Basak Rahul. "Phishing Attack Detection for Small Organisations – Using Machine Learning." Journal of Advanced Research in Artificial Intelligence & It's Applications 2, no. 3 (2025): 52–57. https://doi.org/10.5281/zenodo.15449656.
Full textAbstract:
<em>Phishing attacks are a major risk for small organizations because of less cybersecurity resources and awareness. This report introduces a Phishing Detection System that helps small businesses to defend against fake attempts to obtain sensitive information. The system combines various techniques to detect the URL phishing. With the use of this phishing detection system, small organizations can effectively minimize the threat of cyber fraud, providing a secure digital environment for customers as well as employees.</em>
46
R, Gokul, and Felix M. Philip. "Phishing Detection." YMER Digital 21, no. 06 (2022): 405–12. http://dx.doi.org/10.37896/ymer21.06/39.
Full textAbstract:
The phishing email is one of the significant threats in the world today and has caused tremendous financial losses. Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers. It occurs when an attacker, masquerading as a trusted entity, dupes a victim into opening an email, instant message, or text message. Although the methods of confrontation are continually being updated, the results of those methods are not very satisfactory at present. Moreover, phishing emails are growing at an alarming rate in recent years. Therefore, more effective phishing detection technology is needed to curb the threat of phishing emails. So There are many ways to detect these phishing mails nowadays using Machine Learning. so using the phishing mail detector where these links could be tested and then predicted and to detect whether it is a spam or not. Keywords: Phishing mail, Social engineering, Machine learning
47
Rendall, Kieran, Antonia Nisioti, and Alexios Mylonas. "Towards a Multi-Layered Phishing Detection." Sensors 20, no. 16 (2020): 4540. http://dx.doi.org/10.3390/s20164540.
Full textAbstract:
Phishing is one of the most common threats that users face while browsing the web. In the current threat landscape, a targeted phishing attack (i.e., spear phishing) often constitutes the first action of a threat actor during an intrusion campaign. To tackle this threat, many data-driven approaches have been proposed, which mostly rely on the use of supervised machine learning under a single-layer approach. However, such approaches are resource-demanding and, thus, their deployment in production environments is infeasible. Moreover, most previous works utilise a feature set that can be easily tampered with by adversaries. In this paper, we investigate the use of a multi-layered detection framework in which a potential phishing domain is classified multiple times by models using different feature sets. In our work, an additional classification takes place only when the initial one scores below a predefined confidence level, which is set by the system owner. We demonstrate our approach by implementing a two-layered detection system, which uses supervised machine learning to identify phishing attacks. We evaluate our system with a dataset consisting of active phishing attacks and find that its performance is comparable to the state of the art.
48
Kapan, Sibel, and Efnan Sora Gunal. "Improved Phishing Attack Detection with Machine Learning: A Comprehensive Evaluation of Classifiers and Features." Applied Sciences 13, no. 24 (2023): 13269. http://dx.doi.org/10.3390/app132413269.
Full textAbstract:
In phishing attack detection, machine learning-based approaches are more effective than simple blacklisting strategies, as they can adapt to new types of attacks and do not require manual updates. However, for these approaches, the choice of features and classifiers directly influences detection performance. Therefore, in this work, the contributions of various features and classifiers to detecting phishing attacks were thoroughly analyzed to find the best classifier and feature set in terms of different performance metrics including accuracy, precision, recall, F1-score, and classification time. For this purpose, a brand-new phishing dataset was prepared and made publicly available. Using an exhaustive strategy, every combination of the feature groups was fed into various classifiers to detect phishing websites. Two existing benchmark datasets were also used in addition to ours for further analysis. The experimental results revealed that the features based on the uniform resource locator (URL) and hypertext transfer protocol (HTTP), rather than all features, offered the best performance. Also, the decision tree classifier surpassed the others, achieving an F1-score of 0.99 and being one of the fastest classifiers overall.
49
Dholakia, Neel, and Pragati Agrawal. "Review on Phishing Attack Detection Techniques." ASIAN JOURNAL OF CONVERGENCE IN TECHNOLOGY 6, no. 2 (2020): 41–47. http://dx.doi.org/10.33130/ajct.2020v06i02.008.
Full text
50
Al-Hamar, Yuosuf, Hoshang Kolivand, Mostafa Tajdini, Tanzila Saba, and Varatharajan Ramachandran. "Enterprise Credential Spear-phishing attack detection." Computers & Electrical Engineering 94 (September 2021): 107363. http://dx.doi.org/10.1016/j.compeleceng.2021.107363.
Full text