Intelligent cyber-phishing detection for online

P.A. Barraclough, Gerhard Fehringer, John Woodward

Research output: Contribution to journalArticlepeer-review

Abstract

Phishing attacks are on the increase, resulting in financial loss and theft of sensitive information to online services and users. Anti-phishing approaches have concentrated on blacklist-based approaches that use manually verified Unified Resource Locators (URLs); or content-based methods that utilise heuristics-based machine learning (ML) classifiers. However, online deception is still on the rise. In this study, we introduce a novel methodology combining blacklist-based, web content-based and heuristic based approaches, using ML algorithms with comprehensive features to allow more accurate phishing attack detection. Extensive evaluation was carried out based on Adaptive neuro-fuzzy inference system (ANFIS), Naïve Bayes (NB), PART, J48, and JRip with features, using evaluation methods (metrics) to measure the proposed method performance. All the classifiers achieved over 99% - 99.33% accuracy. PART attained 99.33% accuracy with 0.006 seconds (secs) speed, which is the best performance. We experimentally demonstrate that the proposed methodology can detect phishing websites with a high accuracy in real-time and generalise well to new phishing attacks. The proposed approach has the best performance compared to related approaches in the field.

Original languageEnglish
Article number102123
JournalComputers and Security
Volume104
Early online date27 Jan 2021
DOIs
Publication statusPublished - 1 May 2021

Fingerprint Dive into the research topics of 'Intelligent cyber-phishing detection for online'. Together they form a unique fingerprint.

Cite this