Abstract
Website phishing is an online crime for obtaining secret information such as passwords, account numbers, and credit card details. Attackers lure users through attractive hyperlinks, in order to, redirect to the fake websites. Phishing detection through a machine-learning approach has become quite effective nowadays. In this research, the Uniform Resource Locator (URL) based phishing detection approach has been used. Machine-learning classifiers like Naïve Bayes, Iterative Dichotomiser-3 (ID3), K-Nearest Neighbor (KNN), Decision Tree and Random Forest used for the classification of legitimate and illegitimate websites. This classification would help in the detection of phishing websites. However, it has been observed that use of Genetic Algorithms (GAs) for feature selection can improve the detection accuracy. Our experimental results portrayed the use of Iterative Dichotomiser-3 (ID3) along with Yet Another Generating Genetic Algorithm (YAGGA) improves the detection accuracy up to 95%.
Similar content being viewed by others
REFERENCES
Ludl, C., McAllister, S., Kirda, E., and Kruegel, C., On the effectiveness of techniques to detect phishing sites, in The Detection of Intrusions and Malware, and Vulnerability Assessment, Springer, 2007, pp. 20–39.
AWPG. APWG Phishing Activity Trends Report. https://www.antiphishing.org/resources/apwg-reports/. Accessed 2nd Quarter 2018.
Basnet, R.B., Sung, A.H., and Liu, Q., Rule-based phishing attack detection, Proceedings of the International Conference on Security and Management-SAM'11, Las Vegas, NV, 2011.
Abdul Ghani, A. and Nurul, A., Real-time detection of phishing websites, IEEE 7th Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON), Vancouver, BC, 2016.
Volkamer, M., Renaud, K., Reinheimer, B., and Kunz, A., User experiences of torpedo: Tooltip-powered phishing email detection, Comput. Secur., 2017, vol. 71, pp. 100–113.
Cao, Y., Han, W., and Le, Y., Anti-phishing based on automated individual white-list, Proceedings of the 4th ACM Workshop on Digital Identity, 2008.
Chiew, K.L., Yong, K.S.C., and Tan, C.L., A survey of phishing attacks: Their types, vectors, and technical approaches, Expert Syst. Appl., 2018, vol. 106, pp. 1–20.
Le, A., Markopoulou, A., and Faloutsos, M., Phishdef: URL names say it all, 2011 Proceedings IEEE INFOCOM, 2011, pp. 191–195.
Gowtham, R. and Krishnamurthi, I., A comprehensive and efficacious architecture for detecting phishing web pages, Comput. Secur., 2014, vol. 40, pp. 23–37.
El-Alfy, E.S.M., Detection of phishing websites based on probabilistic neural networks and K-medoids clustering, Comput. J., 2017, vol. 60, no. 12, pp. 1745–1759.
Zhang, W., Jiang, Q., Chen, L., and Li, C., Two-stage ELM for phishing Web pages detection using hybrid features, World Wide Web, 2017, vol. 20, no. 4, pp. 797–813.
Google safe browsing API. https://developers.google.com/safe-browsing/. Accessed June 1, 2018.
Jeeva, S.C. and Rajsingh, E.B., Intelligent phishing URL detection using association rule mining, Hum.-Centric Comput. Inf. Sci., 2017, vol. 6, no. 10.
Buber, E., Diri, B., and Sahingoz, O.K., Detecting phishing attacks from URL by using NLP techniques, 2017 International Conference on Computer Science and Engineering (UBMK), 2017, pp. 337–342.
Ramesh, G., Krishnamurthi, I., and Kumar, K. An efficacious method for detecting phishing web pages through target domain identification, Decis. Support Syst., 2014, pp. 12–22.
James, J., Sandhya, L., and Thomas, C., Detection of phishing URLs using machine learning techniques, 2013 International Conference on Control Communication and Computing (ICCC), Thiruvananthapuram, 2013, pp. 304–309. https://doi.org/10.1109/ICCC.2013.6731669
Jain, A.K. and Gupta, B.B., A machine learning based approach for phishing detection using hyperlinks information, J. Ambient Intell. Hum. Comput., 2019, vol. 10, no. 5, pp. 2015–2028.
Rami, M.M., Fadi, T., and Lee, M., An assessment of features related to phishing websites using an automated technique, IEEE International Conference For Internet Technology And Secured Transactions. ICITST 2012, London, 2012, pp. 492–497.
Phishing Dataset. https://archive.ics.uci.edu/ml/datasets/phishing+websites. Accessed April 25, 2018.
Goldberg, G.E., Genetic Algorithms in Search, Optimization and Machine Learning, New York: Addison-Wesley, 1989.
Michalewicz, Z. Genetic Algorithms+Data Structures=Evolution Programs, New York: Springer, 1999, 3rd ed.
Author information
Authors and Affiliations
Corresponding authors
Ethics declarations
The authors declare that they have no conflict of interest.
About this article
Cite this article
Muhammad Taseer Suleman, Shahid Mahmood Awan Optimization of URL-Based Phishing Websites Detection through Genetic Algorithms. Aut. Control Comp. Sci. 53, 333–341 (2019). https://doi.org/10.3103/S0146411619040102
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.3103/S0146411619040102