Original Article

Phish Catcher: Client-Side Defense against Web-Spoofing Attacks Using Machine Learning

Dr. K.N.S. Lakshmi¹, Suvvari Pavan Kumar², Vudutala Srihari³, Kadavati Manohar⁴, Pappala Srinidhi⁵
¹ Professor, Department of Computer Science Engineering, Sanketika Vidya Parishad Engineering College, Visakhapatnam, Andhra Pradesh, India.
²,³,⁴,⁵ Department of Computer Science Engineering, Sanketika Vidya Parishad Engineering College, Visakhapatnam, Andhra Pradesh, India.

Published Online: March-April 2024

Pages: 08-14

