Abstract
Existing machine learning based approaches for detecting zero hour phishing websites have moderate accuracy and false alarm rates and rely heavily on limited types of features. Phishers are constantly learning their features and use sophisticated tools to adopt the features in phishing websites to evade detections. Therefore, there is a need for continuous discovery of new, robust and more diverse types of prediction features to improve resilience against detection evasions. This paper proposes a framework for predicting zero hour phishing websites by introducing new hybrid features with high prediction performances. Prediction performance of the features was investigated using eight machine learning algorithms in which Random Forest algorithm performed the best with accuracy and false negative rates of 98.45% and 0.73% respectively. It was found that domain registration information and webpage reputation types of features were strong predictors when compared to other feature types. On individual features, webpage reputation features were highly ranked in terms of feature importance weights. The prediction runtime per webpage measured at 7.63Â s suggest that our approach has a potential for real time applications. Our framework is able to detect phishing websites hosted in either compromised or dedicated phishing domains.
Original language | English |
---|---|
Title of host publication | International Joint Conference |
Subtitle of host publication | 12th International Conference on Computational Intelligence in Security for Information Systems (CISIS 2019) and 10th International Conference on EUropean Transnational Education (ICEUTE 2019), Proceedings |
Editors | Francisco Martínez Álvarez, Alicia Troncoso Lora, Héctor Quintián, José António Sáez Muñoz, Emilio Corchado |
Publisher | Springer |
Pages | 36-46 |
Number of pages | 11 |
ISBN (Print) | 9783030200046 |
DOIs | |
Publication status | Published - 28 Apr 2019 |
Event | International Joint Conference: 12th International Conference on Computational Intelligence in Security for Information Systems, CISIS 2019 and 10th International Conference on European Transnational Education, ICEUTE 2019 - Seville, Spain Duration: 13 May 2019 → 15 May 2019 |
Publication series
Name | Advances in Intelligent Systems and Computing |
---|---|
Volume | 951 |
ISSN (Print) | 2194-5357 |
ISSN (Electronic) | 2194-5365 |
Conference
Conference | International Joint Conference: 12th International Conference on Computational Intelligence in Security for Information Systems, CISIS 2019 and 10th International Conference on European Transnational Education, ICEUTE 2019 |
---|---|
Country/Territory | Spain |
City | Seville |
Period | 13/05/19 → 15/05/19 |
Bibliographical note
Funding Information:The research leading to the results presented in the paper was partially funded by the UK Commonwealth Scholarship Commission (CSC).
Keywords
- Machine learning
- Phishing
- Phishing webpage detection
- Webpage features
- Zero hour phishing website