Enhanced Feature Extraction for Phishing URL Detection: A Comprehensive Analysis of Structural, Host-Based, Content and N-Gram Attributes
摘要
In order to increase the accuracy of threat detection for malicious URLs, this paper proposes an improved feature extraction methodology. High false positive rates are a common consequence of traditional detection systems’ restricted feature sets. The suggested method extracts a wide variety of lexical, host-based, content-based, and character-level n-gram features in order to solve this. While host-based qualities offer contextual information like domain age and DNS validity, lexical features record structural irregularities. While n-gram features identify obfuscation through frequent character sequences, content-based features—such as login indicators, file extensions, and JavaScript references—reflect behavioral patterns. According to correlation analysis, the majority of traits are still weakly associated, providing a variety of complementary signals, even while some are strongly related. By properly recognizing benign URLs with 100% confidence, the suggested model showed dependable real-time prediction and obtained a high accuracy of 98.50% in detecting dangerous URLs.