Skip to main content
SpringerLink
Log in

Optimization of URL-Based Phishing Websites Detection through Genetic Algorithms

  • Published:
Automatic Control and Computer Sciences Aims and scope Submit manuscript

Abstract

Website phishing is an online crime for obtaining secret information such as passwords, account numbers, and credit card details. Attackers lure users through attractive hyperlinks, in order to, redirect to the fake websites. Phishing detection through a machine-learning approach has become quite effective nowadays. In this research, the Uniform Resource Locator (URL) based phishing detection approach has been used. Machine-learning classifiers like Naïve Bayes, Iterative Dichotomiser-3 (ID3), K-Nearest Neighbor (KNN), Decision Tree and Random Forest used for the classification of legitimate and illegitimate websites. This classification would help in the detection of phishing websites. However, it has been observed that use of Genetic Algorithms (GAs) for feature selection can improve the detection accuracy. Our experimental results portrayed the use of Iterative Dichotomiser-3 (ID3) along with Yet Another Generating Genetic Algorithm (YAGGA) improves the detection accuracy up to 95%.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1.
Fig. 2.
Fig. 3.
Fig. 4.
Fig. 5.
Fig. 6.
Fig. 7.
Fig. 8.
Fig. 9.
Fig. 10.

Similar content being viewed by others

REFERENCES

  1. Ludl, C., McAllister, S., Kirda, E., and Kruegel, C., On the effectiveness of techniques to detect phishing sites, in The Detection of Intrusions and Malware, and Vulnerability Assessment, Springer, 2007, pp. 20–39.

    Google Scholar 

  2. AWPG. APWG Phishing Activity Trends Report. https://www.antiphishing.org/resources/apwg-reports/. Accessed 2nd Quarter 2018.

  3. Basnet, R.B., Sung, A.H., and Liu, Q., Rule-based phishing attack detection, Proceedings of the International Conference on Security and Management-SAM'11, Las Vegas, NV, 2011.

  4. Abdul Ghani, A. and Nurul, A., Real-time detection of phishing websites, IEEE 7th Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON), Vancouver, BC, 2016.

  5. Volkamer, M., Renaud, K., Reinheimer, B., and Kunz, A., User experiences of torpedo: Tooltip-powered phishing email detection, Comput. Secur., 2017, vol. 71, pp. 100–113.

    Article  Google Scholar 

  6. Cao, Y., Han, W., and Le, Y., Anti-phishing based on automated individual white-list, Proceedings of the 4th ACM Workshop on Digital Identity, 2008.

  7. Chiew, K.L., Yong, K.S.C., and Tan, C.L., A survey of phishing attacks: Their types, vectors, and technical approaches, Expert Syst. Appl., 2018, vol. 106, pp. 1–20.

    Article  Google Scholar 

  8. Le, A., Markopoulou, A., and Faloutsos, M., Phishdef: URL names say it all, 2011 Proceedings IEEE INFOCOM, 2011, pp. 191–195.

  9. Gowtham, R. and Krishnamurthi, I., A comprehensive and efficacious architecture for detecting phishing web pages, Comput. Secur., 2014, vol. 40, pp. 23–37.

    Article  Google Scholar 

  10. El-Alfy, E.S.M., Detection of phishing websites based on probabilistic neural networks and K-medoids clustering, Comput. J., 2017, vol. 60, no. 12, pp. 1745–1759.

    Article  Google Scholar 

  11. Zhang, W., Jiang, Q., Chen, L., and Li, C., Two-stage ELM for phishing Web pages detection using hybrid features, World Wide Web, 2017, vol. 20, no. 4, pp. 797–813.

    Article  Google Scholar 

  12. Google safe browsing API. https://developers.google.com/safe-browsing/. Accessed June 1, 2018.

  13. Jeeva, S.C. and Rajsingh, E.B., Intelligent phishing URL detection using association rule mining, Hum.-Centric Comput. Inf. Sci., 2017, vol. 6, no. 10.

  14. Buber, E., Diri, B., and Sahingoz, O.K., Detecting phishing attacks from URL by using NLP techniques, 2017 International Conference on Computer Science and Engineering (UBMK), 2017, pp. 337–342.

  15. Ramesh, G., Krishnamurthi, I., and Kumar, K. An efficacious method for detecting phishing web pages through target domain identification, Decis. Support Syst., 2014, pp. 12–22.

  16. James, J., Sandhya, L., and Thomas, C., Detection of phishing URLs using machine learning techniques, 2013 International Conference on Control Communication and Computing (ICCC), Thiruvananthapuram, 2013, pp. 304–309. https://doi.org/10.1109/ICCC.2013.6731669

  17. Jain, A.K. and Gupta, B.B., A machine learning based approach for phishing detection using hyperlinks information, J. Ambient Intell. Hum. Comput., 2019, vol. 10, no. 5, pp. 2015–2028.

    Article  Google Scholar 

  18. Rami, M.M., Fadi, T., and Lee, M., An assessment of features related to phishing websites using an automated technique, IEEE International Conference For Internet Technology And Secured Transactions. ICITST 2012, London, 2012, pp. 492–497.

  19. Phishing Dataset. https://archive.ics.uci.edu/ml/datasets/phishing+websites. Accessed April 25, 2018.

  20. Goldberg, G.E., Genetic Algorithms in Search, Optimization and Machine Learning, New York: Addison-Wesley, 1989.

    MATH  Google Scholar 

  21. Michalewicz, Z. Genetic Algorithms+Data Structures=Evolution Programs, New York: Springer, 1999, 3rd ed.

    MATH  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Systems and Technology, University of Management and Technology, 54770, Lahore, Pakistan

    Muhammad Taseer Suleman &  Shahid Mahmood Awan

Authors
  1. Muhammad Taseer Suleman
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Shahid Mahmood Awan
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to Muhammad Taseer Suleman or Shahid Mahmood Awan.

Ethics declarations

The authors declare that they have no conflict of interest.

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Muhammad Taseer Suleman, Shahid Mahmood Awan Optimization of URL-Based Phishing Websites Detection through Genetic Algorithms. Aut. Control Comp. Sci. 53, 333–341 (2019). https://doi.org/10.3103/S0146411619040102

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.3103/S0146411619040102

Keywords:

Search

Navigation