Abstract:

Cybercriminals have become increasingly sophisticated in their methods of phishing attacks. An attacker uses social media platforms or emails to send fake messages as part of a social engineering attack. Users' information can be stolen or malicious software installed when a phishing attack is conducted. A phishing message can appear to be legitimate to a user, making it difficult to detect. A phishing URL could be included in this message, making it possible for even an expert to be victimized. This URL can be used by attackers to create a fake website that steals a victim's login and payment details. Phishing attacks can be detected without the help of experts thanks to advance research and engineering. There is no comprehensive survey of the methods for detecting phishing in HTML and URLs, despite the fact that many papers discuss these methods. With six dissimilar classification procedures based on eleven prearranged structures, suggest a novel method to detect phishing websites via Internet URLs and domain names. As a result of the proposed method, feature extraction is simplified, and processing overhead is reduced while URLs and domain names are also considered as part of feature extraction, which improves overall performance. A Random Forest algorithm was used to illustrate which classification results had the maximum correctness percentage out of six possible classification consequences. In this article, a dataset of 33,918 data points is used, of which 12,134 data points are free of phishing internet sites and 20,614 data points contain phishing websites. The data points are labeled using eleven specified attributes. The proposed method is capable of detecting phishing websites with an accuracy of 99.20% according to our experimental results. In this study, RF descriptors with SVM representations were shown to accurately mark phishing web pages.

Description:

Phishing attacks, HTML, URL, Artificial Intelligence, Machine Learning, Natural Language Processing, Intelligent Detection