The proliferation of abusive websites, particularly those facilitating phishing, fraud has emerged as a critical cybersecurity threat. Detecting these abusive websites efficiently remains a crucial challenge, necessitating sophisticated feature engineering and advanced machine learning techniques. In this paper, we present a comprehensive comparative study of domain-based and content-based approaches for abusive website detection with two datasets such as Vietnamese abusive websites and international phising datasets. Through extensive evaluation, we demonstrate that the integration of multiple feature types significantly enhances the detection accuracy. In particular, hosting-related features exhibit strong independent predictive capability, while machine learning models that take advantage of these features continue to achieve robust performance. Although extracted features contribute substantially to high-accuracy detection, our findings indicate that source code analysis is the most effective method for identifying abusive websites. In particular, language models, such as Phishlang, excel at capturing the textual patterns within website source code, achieving outstanding performance with an accuracy of 0.98 and an F1-score of 0.97.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

A Comparative Study on Domain and Content-Based Approaches for Abusive Website Detection

  • Quoc Vuong Nguyen,
  • Tang Phu Quy Le,
  • Van Nam Pham,
  • That Ron Ton,
  • Anh Sang Phung,
  • The Quoc Dung Truong,
  • Ngoc Xuan Quynh Nguyen,
  • Huu Nhat Minh Nguyen

摘要

The proliferation of abusive websites, particularly those facilitating phishing, fraud has emerged as a critical cybersecurity threat. Detecting these abusive websites efficiently remains a crucial challenge, necessitating sophisticated feature engineering and advanced machine learning techniques. In this paper, we present a comprehensive comparative study of domain-based and content-based approaches for abusive website detection with two datasets such as Vietnamese abusive websites and international phising datasets. Through extensive evaluation, we demonstrate that the integration of multiple feature types significantly enhances the detection accuracy. In particular, hosting-related features exhibit strong independent predictive capability, while machine learning models that take advantage of these features continue to achieve robust performance. Although extracted features contribute substantially to high-accuracy detection, our findings indicate that source code analysis is the most effective method for identifying abusive websites. In particular, language models, such as Phishlang, excel at capturing the textual patterns within website source code, achieving outstanding performance with an accuracy of 0.98 and an F1-score of 0.97.