A Framework of New Hybrid Features for Intelligent Detection of Zero Hour Phishing Websites

Thomas Nagunwa*, Syed Naqvi, Shereen Fouad, Hanifa Shah

*Corresponding author for this work

Research output: Chapter in Book/Published conference outputConference publication

Abstract

Existing machine learning based approaches for detecting zero hour phishing websites have moderate accuracy and false alarm rates and rely heavily on limited types of features. Phishers are constantly learning their features and use sophisticated tools to adopt the features in phishing websites to evade detections. Therefore, there is a need for continuous discovery of new, robust and more diverse types of prediction features to improve resilience against detection evasions. This paper proposes a framework for predicting zero hour phishing websites by introducing new hybrid features with high prediction performances. Prediction performance of the features was investigated using eight machine learning algorithms in which Random Forest algorithm performed the best with accuracy and false negative rates of 98.45% and 0.73% respectively. It was found that domain registration information and webpage reputation types of features were strong predictors when compared to other feature types. On individual features, webpage reputation features were highly ranked in terms of feature importance weights. The prediction runtime per webpage measured at 7.63 s suggest that our approach has a potential for real time applications. Our framework is able to detect phishing websites hosted in either compromised or dedicated phishing domains.

Original languageEnglish
Title of host publicationInternational Joint Conference
Subtitle of host publication12th International Conference on Computational Intelligence in Security for Information Systems (CISIS 2019) and 10th International Conference on EUropean Transnational Education (ICEUTE 2019), Proceedings
EditorsFrancisco Martínez Álvarez, Alicia Troncoso Lora, Héctor Quintián, José António Sáez Muñoz, Emilio Corchado
PublisherSpringer
Pages36-46
Number of pages11
ISBN (Print)9783030200046
DOIs
Publication statusPublished - 28 Apr 2019
EventInternational Joint Conference: 12th International Conference on Computational Intelligence in Security for Information Systems, CISIS 2019 and 10th International Conference on European Transnational Education, ICEUTE 2019 - Seville, Spain
Duration: 13 May 201915 May 2019

Publication series

NameAdvances in Intelligent Systems and Computing
Volume951
ISSN (Print)2194-5357
ISSN (Electronic)2194-5365

Conference

ConferenceInternational Joint Conference: 12th International Conference on Computational Intelligence in Security for Information Systems, CISIS 2019 and 10th International Conference on European Transnational Education, ICEUTE 2019
Country/TerritorySpain
CitySeville
Period13/05/1915/05/19

Bibliographical note

Funding Information:
The research leading to the results presented in the paper was partially funded by the UK Commonwealth Scholarship Commission (CSC).

Keywords

  • Machine learning
  • Phishing
  • Phishing webpage detection
  • Webpage features
  • Zero hour phishing website

Fingerprint

Dive into the research topics of 'A Framework of New Hybrid Features for Intelligent Detection of Zero Hour Phishing Websites'. Together they form a unique fingerprint.

Cite this