Abstract
Phishing is an attack that deceit online users by means of masquerading as a genuine website to pilfer their classified or personal information. This is one among the recognized cybercrime. Disparate phishing website detection systems were recently developed for the purpose of detecting the phishing websites. However, they fail to attain the desired output and are suffered from countless drawbacks like lower accuracy and higher training time. For trouncing such drawbacks, this paper proposes an effectual Hybrid Deep Learning (HDL)-centric Phishing Detection System (PDS) using the MCS-DNN classifier. At first, pre-processing is done on the input dataset for ameliorating its quality. Subsequently, clustering and feature selection (FS) are performed to lessen the processing time and elevate the accuracy using CoK-means and CM-WOA, respectively. The features which are chosen during FS are fed into the MCS-DNN classifier, which classifies the legitimate websites and phishing websites. Lastly, the K-fold cross-validations (KCV) are employed for effectively predicting the proposed system’s accurateness. The outcomes highlight the robustness and predictive ability of the proposed PDS to distinguish the phishing as well as legitimate sites.
Similar content being viewed by others
Data availability
Data sharing is not applicable to this article as no datasets were generated or analyzed during the current study.
Abbreviations
- HDL:
-
Hybrid deep learning
- PDS:
-
Phishing detection system
- FS:
-
Feature selection
- KCV:
-
K-fold cross-validations
- MCS-DNN:
-
Modified crow search-based deep learning neural network
- CM-WOA:
-
Crossover mutation-based whale optimization algorithm
- DNN:
-
Deep learning neural networks
- RF:
-
Random forest
- PAs:
-
Phishing attacks
- PDS:
-
Phishing detection system
- CDF-g:
-
Cumulative distribution function-gradient
- FPRs:
-
False-positive rates
- CNN:
-
Convolutional neural network
- MHSA:
-
Multi-head self-attention
- LSTM:
-
Long short-term memory
- NLP:
-
Natural language processing
- DF :
-
Domain-based features
- KMC:
-
K-means clustering
- ED:
-
Euclidean distance
- FNR:
-
False-negative rates
- WOA:
-
Whale optimization algorithm
- CM:
-
Crossover mutation
- CM-WOA:
-
CM-based WOA’
- MCS:
-
Modified crow search
- HL:
-
Hidden layer
- ABC:
-
Ant bee colony
- PSOs:
-
Particle swarm optimizations
References
Sadique F, Kaul R, Badsha S, Sengupta S (2020) An automated framework for real-time phishing url detection. In: 10th annual computing and communication workshop and conference (CCWC). IEEE, pp 0335–0341. https://doi.org/10.1109/CCWC47524.2020.9031269
Paula Musuva MW, Getao KW, Chepken CK (2019) A new approach to modelling the effects of cognitive processing and threat detection on phishing susceptibility. Comput Hum Behav 94:154–175. https://doi.org/10.1016/j.chb.2018.12.036
Park G, Rayz J (2018) Ontological detection of phishing emails. In IEEE international conference on systems, man, and cybernetics (SMC), IEEE, pp 2858–2863. https://doi.org/10.1109/SMC.2018.00486
Churi T, Sawardekar P, Pardeshi A, Vartak P (2017) A secured methodology for anti-phishing. In: International conference on innovations in information, embedded and communication systems (ICIIECS), IEEE, pp 1–4. https://doi.org/10.1109/ICIIECS.2017.8276081
Hassan Abutair YA, Belghith A (2017) A multi-agent case-based reasoning architecture for phishing detection. Proc Comput Sci 110:492–497. https://doi.org/10.1016/j.procs.2017.06.131
Aravindhan, R., Shanmugalakshmi R, Ramya K, Selvan C (2016) Certain investigation on web application security: Phishing detection and phishing target discovery. In: 3rd international conference on advanced computing and communication systems (ICACCS), IEEE, vol 1, pp 1–10. https://doi.org/10.1109/ICACCS.2016.7586405
Basnet R, Mukkamala S, Sung AH (2008) Detection of phishing attacks: a machine learning approach. In: Soft computing applications in industry, Springer, Berlin, vol 226, pp 373–383. https://doi.org/10.1007/978-3-540-77465-5_19
Rahman SSMM, Islam T, Jabiullah MI (2020) PhishStack: evaluation of stacked generalization in phishing URLs detection. Proc Comput Sci 167:2410–2418. https://doi.org/10.1016/j.procs.2020.03.294
Anti-Phishing Working Group (2020) Phishing activity trends report, 4th quarter 2019. https://docs.apwg.org/reports/apwg_trends_report_q4_2019.pdf. Accessed 6: 12–16
Li Y, Zhenguo Yang Xu, Chen HY, Liu W (2019) A stacking model using URL and HTML features for phishing webpage detection. Futur Gener Comput Syst 94:27–39. https://doi.org/10.1016/j.future.2018.11.004
El Aassal A, Baki S, Das A, Verma RM (2020) An in-depth benchmarking and evaluation of phishing detection research for security needs. IEEE Access 8:22170–22192. https://doi.org/10.1109/ACCESS.2020.2969780
Zabihimayvan M, Doran D (2019) Fuzzy rough set feature selection to enhance phishing attack detection. In: IEEE international conference on fuzzy systems (FUZZ-IEEE), IEEE, pp 1–6. https://doi.org/10.1109/FUZZ-IEEE.2019.8858884
Patil S, Dhage S (2019) A methodical overview on phishing detection along with an organized way to construct an anti-phishing framework. In: 5th international conference on advanced computing & communication systems (ICACCS), IEEE, pp 588–593. https://doi.org/10.1109/ICACCS.2019.8728356
Yadollahi MM, Shoeleh F, Serkani E, Madani A, Gharaee H (2019) An adaptive machine learning based approach for phishing detection using hybrid features. In: 5th international conference on web research (ICWR), IEEE, pp 281–286. https://doi.org/10.1109/ICWR.2019.8765265
Barraclough P, Sexton G (2015) Phishing website detection fuzzy system modelling. In: Science and information conference (SAI), IEEE, pp 1384–1386. https://doi.org/10.1109/SAI.2015.7237323
Rao RS, Pais AR (2019) Jail-Phish: an improved search engine based phishing detection system. Comput Secur 83:246–267. https://doi.org/10.1016/J.COSE.2019.02.011
Rao RS, Vaishnavi T, Pais AR (2020) CatchPhish: detection of phishing websites by inspecting URLs. J Ambient Intell Humaniz Comput 11:813–825. https://doi.org/10.1007/s12652-019-01311-4
Pham C, Nguyen LAT, Tran NH, Huh E-N, Hong CS (2018) Phishing-aware: a neuro-fuzzy approach for anti-phishing on fog networks. IEEE Trans Netw Serv Manag 15(3):1076–1089. https://doi.org/10.1109/TNSM.2018.2831197
Chiew KL, Tan CL, Wong KokSheik, Yong KSC, Tiong WK (2019) A new hybrid ensemble feature selection framework for machine learning-based phishing detection system. Inf Sci 484:153–166. https://doi.org/10.1016/j.ins.2019.01.064
Christopher GN, Kim T, Corte RD, Avery J, Goldwasser D, Cinque M, Bagchi S (2018) Learning from the ones that got away: detecting new forms of phishing attacks. IEEE Trans Dependable Secure Comput 15(6):988–1001. https://doi.org/10.1109/TDSC.2018.2864993
Marchal S, François J, State R, Engel T (2014) Phishstorm: Detecting phishing with streaming analytics. IEEE Trans Netw Serv Manag 11(4):458–471. https://doi.org/10.1109/TNSM.2014.2377295
Sonowal G, Kuppusamy KS (2017) PhiDMA—a phishing detection model with multi-filter approach. J King Saud Univ Comput Inf Sci. https://doi.org/10.1016/j.jksuci.2017.07.005
Xiao X, Zhang D, Hu G, Jiang Y, Xia S (2020) CNN-MHSA: a convolutional neural network and multi-head self-attention combined approach for detecting phishing websites. Neural Netw. https://doi.org/10.1016/j.neunet.2020.02.013
Ozcan L, Catal C, Donmez E, Senturk B (2021) A hybrid DNN–LSTM model for detecting phishing URLs. Neural Comput Appl. https://doi.org/10.1007/s00521-021-06401-z
Rao RS, Pais AR (2019) Detection of phishing websites using an efficient feature-based machine learning framework. Neural Comput Appl 31:3851–3873. https://doi.org/10.17577/IJERTV9IS050888
Mohammad RM, Thabtah F, McCluskey L (2014) Predicting phishing websites based on self-structuring neural network. Neural Comput Appl 25:443–458. https://doi.org/10.1007/s00521-013-1490-z
Acknowledgements
We thank the anonymous referees for their useful suggestions.
Funding
This work has no funding resource.
Author information
Authors and Affiliations
Contributions
All authors contributed to the study conception and design. Material preparation, data collection and analysis were performed by JA, MK. The first draft of the manuscript was written by JA and all authors commented on previous versions of the manuscript. All authors read and approved the final manuscript.
Corresponding author
Ethics declarations
Conflict of interest
The authors declare that they have no conflict of interest.
Ethical approval
This article does not contain any studies with human participants or animals performed by any of the authors.
Consent of publication
Not applicable.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Anitha, J., Kalaiarasu, M. A new hybrid deep learning-based phishing detection system using MCS-DNN classifier. Neural Comput & Applic 34, 5867–5882 (2022). https://doi.org/10.1007/s00521-021-06717-w
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s00521-021-06717-w