TY - JOUR
T1 - Intelligent cyber-phishing detection for online
AU - Barraclough, Phoebe
AU - Fehringer, Gerhard
AU - Woodward, John
PY - 2021/5/1
Y1 - 2021/5/1
N2 - Phishing attacks are on the increase, resulting in financial loss and theft of sensitive information to online services and users. Anti-phishing approaches have concentrated on blacklist-based approaches that use manually verified Unified Resource Locators (URLs); or content-based methods that utilise heuristics-based machine learning (ML) classifiers. However, online deception is still on the rise. In this study, we introduce a novel methodology combining blacklist-based, web content-based and heuristic based approaches, using ML algorithms with comprehensive features to allow more accurate phishing attack detection. Extensive evaluation was carried out based on Adaptive neuro-fuzzy inference system (ANFIS), Naïve Bayes (NB), PART, J48, and JRip with features, using evaluation methods (metrics) to measure the proposed method performance. All the classifiers achieved over 99% - 99.33% accuracy. PART attained 99.33% accuracy with 0.006 seconds (secs) speed, which is the best performance. We experimentally demonstrate that the proposed methodology can detect phishing websites with a high accuracy in real-time and generalise well to new phishing attacks. The proposed approach has the best performance compared to related approaches in the field.
AB - Phishing attacks are on the increase, resulting in financial loss and theft of sensitive information to online services and users. Anti-phishing approaches have concentrated on blacklist-based approaches that use manually verified Unified Resource Locators (URLs); or content-based methods that utilise heuristics-based machine learning (ML) classifiers. However, online deception is still on the rise. In this study, we introduce a novel methodology combining blacklist-based, web content-based and heuristic based approaches, using ML algorithms with comprehensive features to allow more accurate phishing attack detection. Extensive evaluation was carried out based on Adaptive neuro-fuzzy inference system (ANFIS), Naïve Bayes (NB), PART, J48, and JRip with features, using evaluation methods (metrics) to measure the proposed method performance. All the classifiers achieved over 99% - 99.33% accuracy. PART attained 99.33% accuracy with 0.006 seconds (secs) speed, which is the best performance. We experimentally demonstrate that the proposed methodology can detect phishing websites with a high accuracy in real-time and generalise well to new phishing attacks. The proposed approach has the best performance compared to related approaches in the field.
KW - ANFIS
KW - Cyber-phishing
KW - FIS
KW - Fuzzy systems
KW - Intelligent
KW - Phishing
UR - http://www.scopus.com/inward/record.url?scp=85100644965&partnerID=8YFLogxK
U2 - 10.1016/j.cose.2020.102123
DO - 10.1016/j.cose.2020.102123
M3 - Article
VL - 104
JO - Computers and Security
JF - Computers and Security
SN - 0167-4048
M1 - 102123
ER -