Abstract
Phishing attacks are security attacks that do not affect only individuals or organisations websites, but it may affect Internet of Things (IoT) devices and networks. IoT environment is an exposed environment for such attacks. Attackers may use thingbots software for dispersal hidden junk emails that not noticed by users. Machine and deep learning and other methods were used to design detection methods for these attacks. However, there still a need to enhance the detection accuracy. An optimized ensemble classification method for phishing website detection is proposed in this study. A Genetic Algorithm (GA) was used to optimize the ensemble classification method by tuning the parameters of several ensemble Machine Learning (ML) methods, including Random Forest, AdaBoost, and XGBoost. These were accomplished by ranking the optimized classifiers to pick out the best classifiers as a base for stacking ensemble method. A phishing website dataset that made up of 4898 phishing websites and 6157 legitimate websites was used for this study experiments. As a result, detection accuracy was enhanced and reached 97.16%.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Al-Sarem, M., Saeed, F., Al-Mekhlafi, Z.G., Mohammed, B.A., Al-Hadhrami, T., et al.: An optimized stacking ensemble model for phishing websites detection. Electronics 10(11), 1–18 (2021)
Gupta, B.B., Arachchilage, N.A.G., Psannis, K.E.: Defending against phishing attacks: taxonomy of methods, current issues and future directions. Telecommun. Syst. 67(2), 247–267 (2017). https://doi.org/10.1007/s11235-017-0334-z
Gubbi, J., Buyya, R., Marusic, S., Palaniswami, M.: Internet of Things (IoT): A vision, architectural elements, and future directions. Futur. Gener. Comput. Syst. 29(7), 1645–1660 (2018)
Roman, R., Najera, P., Lopez, J.: Securing the Internet of Things. Computer 44(9), 51–58 (2011)
Tang, D.: Event detection in sensor networks. School of Engineering and Applied Sciences, The George Washington University, USA (2009)
Wei, B., Hamad, R.A., Yang, L., He, X., Wang, H., et al.: A deep-learning-driven light-weight phishing detection sensor. Sensors 19(19), 1–13 (2019)
Somesha, M., Pais, A.R., Rao, R.S., Rathour, V.S.: Efficient deep learning techniques for the detection of phishing websites. Sādhanā 45(1), 1–18 (2020). https://doi.org/10.1007/s12046-020-01392-4
Ali, W., Ahmed, A.A.: Hybrid intelligent phishing website prediction using deep neural networks with genetic algorithm-based feature selection and weighting. IET Inf. Secur. 13(6), 659–669 (2019)
Chiew, K.L., Tan, C.L., Wong, K., Yong, K.S., Tiong, W.K.: A new hybrid ensemble feature selection framework for machine learning-based phishing detection system. Inf. Sci. 484, 153–166 (2019)
Rao, R.S., Pais, A.R.: Detection of phishing websites using an efficient feature-based machine learning framework. Neural Comput. Appl. 31(8), 3851–3873 (2018). https://doi.org/10.1007/s00521-017-3305-0
Ali, W., Malebary, S.: Particle swarm optimization-based feature weighting for improving intelligent phishing website detection. IEEE Access 8, 116766–116780 (2020)
Khursheeed, F., Sami-Ud-Din, M., Sumra, I.A., Safder, M.A.: Review of security mechanism in internet of things (IoT). In: IEEE 3rd International Conference on Advancements in Computational Sciences (ICACS), Lahore, Pakistan, pp. 1–9. IEEE (2020)
Tsiknas, K., Taketzis, D., Demertzis, K., Skianis, C.: Cyber threats to industrial IoT: a survey on attacks and countermeasures. IoT 2(1), 163–218 (2021)
Parra, G.D., Rad, P., Choo, K.K., Beebe, N.: Detecting Internet of Things attacks using distributed deep learning. J. Netw. Comput. Appl. 163(102662), 1–20 (2020)
Mao, J., et al.: Phishing page detection via learning classifiers from page layout feature. EURASIP J. Wirel. Commun. Netw. 1, 1–14 (2019). https://doi.org/10.1186/s13638-019-1361-0
Virat, M.S., Bindu, S.M., Aishwarya, B., Dhanush, B.N., Kounte, M.R.: Security and privacy challenges in internet of things. In: IEEE 2nd International Conference on Trends in Electronics and Informatics (ICOEI), Tirunelveli, India, pp. 454–460. IEEE (2018)
Deogirikar, J., Vidhate, A.: Security attacks in IoT: a survey. In: IEEE International Conference on IoT in Social, Mobile, Analytics and Cloud (I-SMAC), Palladam, India, pp. 32–37. IEEE (2017)
Alsariera, Y.A., Adeyemo, V.E., Balogun, A.O., Alazzawi, A.K.: AI meta-learners and extra-trees algorithm for the detection of phishing websites. IEEE Access 8, 142532–142542 (2020)
Jain, A.K., Gupta, B.B.: A machine learning based approach for phishing detection using hyperlinks information. J. Ambient. Intell. Humaniz. Comput. 10(5), 2015–2028 (2018). https://doi.org/10.1007/s12652-018-0798-z
Feng, F., Zhou, Q., Shen, Z., Yang, X., Han, L., et al.: The application of a novel neural network in the detection of phishing websites. J. Ambient Intell. Hum. Comput. 1–15 (2018)
Aburub, F., Hadi, W.: A new association classification based method for detecting phishing websites. J. Theor. Appl. Inf. Technol. 99(1), 147–158 (2021)
Gandotra, E., Gupta, D.: An efficient approach for phishing detection using machine learning. In: Giri, K.J., Parah, S.A., Bashir, R., Muhammad, K. (eds.) Multimedia Security. AIS, pp. 239–253. Springer, Singapore (2021). https://doi.org/10.1007/978-981-15-8711-5_12
Shabudin, S., Sani, N.S., Ariffin, K.A., Aliff, M.: Feature selection for phishing website classification. Int. J. Adv. Comput. Sci. Appl. 11(4), 587–595 (2020)
Subasi, A., Molah, E., Almkallawi, F., Chaudhery, T.J.: Intelligent phishing website detection using random forest classifier. In: IEEE International Conference on Electrical and Computing Technologies and Applications (ICECTA), Ras Al Khaimah, United Arab Emirates, pp. 1–5. IEEE (2017)
Yu, X.: Phishing websites detection based on hybrid model of deep belief network and support vector machine. In: IOP Conference Series: Earth and Environmental Science, vol. 602, no. 1, pp. 1–9 (2020)
Patil, D.R., Patil, J.B.: Malicious web pages detection using feature selection techniques and machine learning. Int. J. High Perform. Comput. Netw. 14(4), 473–488 (2019)
PhishTank. Developer information. http://phishtank.org/developer_info.php. Accessed 28 Feb 2021
Dua, D., Graff, C.: UCI machine learning repository. School of Information and Computer Science, University of California, Irvine, CA, USA. https://archive.ics.uci.edu/ml/datasets/Phishing+Websites. Accessed 10 Jan 2021
Jiang, Y., Tong, G., Yin, H., Xiong, N.: A pedestrian detection method based on genetic algorithm for optimize XGBoost training parameters. IEEE Access 7, 118310–118321 (2019)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Mohammed, B.A., Al-Mekhlafi, Z.G. (2021). Optimized Stacking Ensemble Model to Detect Phishing Websites. In: Abdullah, N., Manickam, S., Anbar, M. (eds) Advances in Cyber Security. ACeS 2021. Communications in Computer and Information Science, vol 1487. Springer, Singapore. https://doi.org/10.1007/978-981-16-8059-5_23
Download citation
DOI: https://doi.org/10.1007/978-981-16-8059-5_23
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-16-8058-8
Online ISBN: 978-981-16-8059-5
eBook Packages: Computer ScienceComputer Science (R0)