URL-Based Web Phishing Detection Using Machine Learning
摘要
Phishing attacks are defined as user deception using fraudulent sites. A study was undertaken with the goal to build an efficient and accurate phishing URL detection system based on the data that was gathered from sources using reliable methods such as PhishTank and OpenPhish for phishing URLs and collected other legitimate URLs from search engines along with verified repositories. After cleaning for missing data and non-relevant columns, feature engineering is applied to extract meaningful features based on a closer examination of URL structure and attributes. The results of the phishing detector with three machine learning models are trained and tested. Here, again the former outperformed, Random Forest, on the others because its ensemble learning ability enhanced accuracy without overfitting. Some of the advanced features that have been extracted for training the model include URL length, presence of suspicious keywords, and usage of HTTPS. It was demonstrated that high accuracy is achievable in real-time phishing detection by correctly identifying phishing attempts based on URL features, thus making this a reliable tool for cybersecurity applications.