Abstract
Phishing attacks are on the increase, resulting in financial loss and theft of sensitive information to online services and users. Anti-phishing approaches have concentrated on blacklist-based approaches that use manually verified Unified Resource Locators (URLs); or content-based methods that utilise heuristics-based machine learning (ML) classifiers. However, online deception is still on the rise. In this study, we introduce a novel methodology combining blacklist-based, web content-based and heuristic based approaches, using ML algorithms with comprehensive features to allow more accurate phishing attack detection. Extensive evaluation was carried out based on Adaptive neuro-fuzzy inference system (ANFIS), Naïve Bayes (NB), PART, J48, and JRip with features, using evaluation methods (metrics) to measure the proposed method performance. All the classifiers achieved over 99% - 99.33% accuracy. PART attained 99.33% accuracy with 0.006 seconds (secs) speed, which is the best performance. We experimentally demonstrate that the proposed methodology can detect phishing websites with a high accuracy in real-time and generalise well to new phishing attacks. The proposed approach has the best performance compared to related approaches in the field.
Original language | English |
---|---|
Article number | 102123 |
Number of pages | 17 |
Journal | Computers and Security |
Volume | 104 |
Early online date | 27 Jan 2021 |
DOIs | |
Publication status | Published - 1 May 2021 |
Keywords
- ANFIS
- Cyber-phishing
- FIS
- Fuzzy systems
- Intelligent
- Phishing