Back to Search Start Over

Phishing URL Detection Through Top-level Domain Analysis: A Descriptive Approach

Authors :
Christou, Orestis
Pitropakis, Nikolaos
Papadopoulos, Pavlos
McKeown, Sean
Buchanan, William J.
Source :
ICISSP, Volume 1, pages 289-298 (2020)
Publication Year :
2020

Abstract

Phishing is considered to be one of the most prevalent cyber-attacks because of its immense flexibility and alarmingly high success rate. Even with adequate training and high situational awareness, it can still be hard for users to continually be aware of the URL of the website they are visiting. Traditional detection methods rely on blocklists and content analysis, both of which require time-consuming human verification. Thus, there have been attempts focusing on the predictive filtering of such URLs. This study aims to develop a machine-learning model to detect fraudulent URLs which can be used within the Splunk platform. Inspired from similar approaches in the literature, we trained the SVM and Random Forests algorithms using malicious and benign datasets found in the literature and one dataset that we created. We evaluated the algorithms' performance with precision and recall, reaching up to 85% precision and 87% recall in the case of Random Forests while SVM achieved up to 90% precision and 88% recall using only descriptive features.<br />Comment: In Proceedings of the 6th ICISSP

Details

Database :
arXiv
Journal :
ICISSP, Volume 1, pages 289-298 (2020)
Publication Type :
Report
Accession number :
edsarx.2005.06599
Document Type :
Working Paper
Full Text :
https://doi.org/10.5220/0008902202890298