A MODIFIED ALGORITHM FOR INCREASING THE PERFORMANCE OF MACHINE LEARNING FOR PHISHING ATTACK DETECTION AND CLASSIFICATION

A. Maraximov; K. Xudaybergenov; H. Choriyev; A. Nasiriddinov

doi:10.5281/zenodo.7403080

A MODIFIED ALGORITHM FOR INCREASING THE PERFORMANCE OF MACHINE LEARNING FOR PHISHING ATTACK DETECTION AND CLASSIFICATION

05.12.2022 International Scientific Journal "Science and Innovation". Series A. Volume 1 Issue 8

A. Maraximov , K. Xudaybergenov , H. Choriyev , A. Nasiriddinov

Abstract. Phishing websites refer to an attack where cyber criminals spoof official websites to lure people into accessing to illegally obtain user identity, password, privacy, and even properties. This attack poses a great threat to inexperienced Internet users and is becoming more and more difficult. Many proposals for detecting phishing websites have shown their effectiveness and the advantage of methods for detecting and classifying Uniform Resource Locators (URLs). Although several approaches have been proposed for detecting and classifying phishing attacks, URL-based machine learning and artificial intelligence approaches provide better performance results, but they all depend on the feature set used. To improve the accuracy of phishing website detection, the article proposes a new decision tree-based model and feature set for Internet of Things (IoT) devices that have limited capabilities and low power consumption. The present study examines how the selection of a feature set from a trainee data set significantly improves the speed and performance of classifying phishing attacks in IoT devices. According to the experimental and comparative results of the implemented classification algorithms, the piecewise linear decision tree algorithm based on the new activation functions provides the best performance with 97.50% accuracy for detecting phishing URLs.

Keywords: decision tree, classifier, phishing attack, URL resource, training set, machine learning.

References:

1. R.J. Anderson, C. Barton, R. Böhme, R. Clayton, M.J.G. van Eeten, M. Levi, T. Moore, S. Savage, in: R. Böhme (Ed.), Measuring the Cost of Cybercrime, The Economics of Information Security and Privacy, Springer, 2013, pp. 265-300. 2. Q. Cui, G.-V. Jourdan, G.V. Bochmann, I.-V. Onut, J. Flood, Phishing Attacks Modifications and Evolutions, in: J. Lopez, J. Zhou, M. Soriano (Eds.), Computer Security, Springer International Publishing, Cham, 2018, pp. 243-262. 3. L. Atzori, A. Iera, G. Morabito, Understanding the Internet of Things: definition, potentials, and societal role of a fast evolving paradigm, Ad Hoc Networks. 56 (2017) 122-140. 4. O.K. Sahingoz, E. Buber, O. Demir, B. Diri, Machine learning based phishing detection from URLs, Expert Systems and Applications. 117 (2019) 345-357. 5. M.T. Suleman, S.M. Awan, Optimization of URL-Based Phishing Websites Detection through Genetic Algorithms, Automatic Control and Computer Sciences. 53 (2019) 333-341. 6. Marakhimov A.R., Kudaybergenov J.K., Khudaybergenov K.K., Ohundadaev, U.R. A multivariate binary decision tree classifier based on shallow neural network. Scientific and Technical Journal of Information Technologies, Mechanics and Optics, 2022, 22(4), pp. 725-733. 7. S. Afroz, R. Greenstadt, Phishzoo: Detecting phishing websites by looking at them, in: Fifth IEEE International Conference on Semantic Computing, 2011. 8. S. Sheng, B. Wardman, G. Warner, L. Cranor, J. Hong, An empirical analysis of phishing blacklists, 2009. 9. S. Haruta, H. Asahina, I. Sasase, Visual similarity-based phishing detection using image and CSS with target website finder, in: IEEE Global Communications Conference, 2017. 10. S. Abdelnabi, K. Krombhoiz, M. Fritz, WhiteNet: Phishing website detection by visual whitelists, in: Cryptography and Security, 2019. 11. Peng, I. Harris, Y. Sawa, Detecting phishing attacks using natural language processing and machine learning, in: IEEE 12th International Conference on Semantic Computing(ICSC), 2018. 12. Yazan Ahmad Alsariera, et al., Ai meta-learners and extra-trees algorithm for the detection of phishing websites, IEEE Access 8 (2020) 142532-142542. 13. A. Tewari, B.B. Gupta, Security, privacy and trust of different layers in Internet-of-Things (IoTs) framework, Future Gener. Comput. (2020). 14. Sahingoz OK, Buber E, Demir O, Diri B. Machine learning based phishing detection from URLs. Expert Systems and Applications. 2019. Vol.117, pp.345-57. 15. Shekokar NM, Shah C, Mahajan M, Rachh S. An ideal approach for detection and prevention of phishing attacks. Procedia Computer Science. 2015. pp.49-82. 16. Nezhad JH, Jahan MV, Tayarani-N M-H, Sadrnezhad Z. Analyzing new features of infected web content in detection of malicious webpages. ISC International Journal of Information Security. 2017. Vol. 9(2), pp. 63-83. 17. Rao RS, Pais AR. Detection of phishing websites using an efficient feature-based machine learning framework. Neural Computing and Applications. 2019. vol. 31, pp.3851-3873.