Detecting Phishing Websites Using Hybrid Methodologies

Year : 2024 | Volume : 15 | Issue : 03 | Page : 59 65
    By

    Gargi Deshpande,

  • Shreyas Katkar,

  • Tanvi Kangane,

  • Ayush Kumar Giri,

  • Diksha Kale,

  1. Student, Department of Computer Engineering, Pillai College of Engineering, Dr. K.M. Vasudevan Pillai Campus, New Panvel East, Panvel, Navi Mumbai, Maharashtra, India
  2. Student, Department of Computer Engineering, Pillai College of Engineering, Dr. K.M. Vasudevan Pillai Campus, New Panvel East, Panvel, Navi Mumbai, Maharashtra, India
  3. Student, Department of Computer Engineering, Pillai College of Engineering, Dr. K.M. Vasudevan Pillai Campus, New Panvel East, Panvel, Navi Mumbai, Maharashtra, India
  4. Student, Department of Computer Engineering, Pillai College of Engineering, Dr. K.M. Vasudevan Pillai Campus, New Panvel East, Panvel, Navi Mumbai, Maharashtra, India
  5. Assistant Professor, Department of Computer Engineering, Pillai College of Engineering, Dr. K.M. Vasudevan Pillai Campus, New Panvel East, Panvel, Navi Mumbai, Maharashtra, India

Abstract

In the digital era, personal information theft has become a widespread and increasingly severe crime. Cybercriminals, often known as hackers, use deceptive strategies, with phishing websites being a major method for stealing confidential data. These fake websites imitate legitimate ones, tricking users into revealing sensitive personal and financial information, which has led to a rise in fraud cases. To address this escalating threat, a comprehensive research paper is proposed. This approach involves preprocessing datasets and analyzing attributes such as Internet Protocol (IP) addresses, universal resource location (URL) length, and web traffic statistics to differentiate phishing websites from genuine ones. Feature extraction is performed using deep learning methods, such as convolutional neural networks (CNN) and gated recurrent units (GRU). A hybrid model that integrates machine learning with transformer and GRU components is used, demonstrating better performance than traditional methods like long short-term memory (LSTM), Naïve Bayes, and support vector machines (SVM). The study aims to identify phishing URLs and determine the most effective machine learning method by comparing each algorithm’s accuracy, false positive rate, and false negative rate. The proposed method was evaluated using 156,422 malicious sites and 392,924 legitimate sites, and it was found to be more effective in detecting malicious URLs compared to more recent methods.

Keywords: Phishing, legitimate, CNN-GRU, LightGBM, length normalization, uniform encoding, embedding layer, SoftMax

[This article belongs to Journal of Computer Technology & Applications ]

How to cite this article:
Gargi Deshpande, Shreyas Katkar, Tanvi Kangane, Ayush Kumar Giri, Diksha Kale. Detecting Phishing Websites Using Hybrid Methodologies. Journal of Computer Technology & Applications. 2024; 15(03):59-65.
How to cite this URL:
Gargi Deshpande, Shreyas Katkar, Tanvi Kangane, Ayush Kumar Giri, Diksha Kale. Detecting Phishing Websites Using Hybrid Methodologies. Journal of Computer Technology & Applications. 2024; 15(03):59-65. Available from: https://journals.stmjournals.com/jocta/article=2024/view=171873


References

  1. Yang P, Zhao G, Zeng P. Phishing website detection based on multidimensional features driven by deep learning. IEEE Access. 2019;7:15196–209. DOI: 10.1109/ACCESS.2019.2892066.
  2. Odeh A, Keshta I, Abdelfattah E. Machine learning techniques for detection of website phishing: A review of promises and challenges. In: 11th Annual Computing and Communication Workshop and Conference (CCWC); 2021. Las Vegas, USA; 0813–818.
  3. Wei Y, Sekiya Y. Sufficiency of ensemble machine learning methods for phishing websites detection. IEEE Access. 2022;10:124103–13. DOI: 10.1109/ACCESS.2022.3224781.
  4. Bhagwat MD, Patil PH, Vishawanath TS. A Methodical Overview on Detection, Identification and Proactive Prevention of Phishing Websites. In: Third International Conference on Intelligent Communication Technologies and Virtual Mobile Networks (ICICV); 2021. Coimbatore, India; 1505–1508. DOI: 10.1109/ICICV50876.2021.9388441.
  5. Zhou J, Cui H, Li X, Yang W, Wu X. A novel phishing website detection model based on LightGBM and domain name features. Symmetry. 2023;15:180. DOI: 10.3390/sym15010180.
  6. Alshingiti Z, Alaqel R, Al-Muhtadi J, Haq QEU, Saleem K, Faheem MH. A deep learning-based phishing detection system using CNN, LSTM, and LSTM-CNN. Electronics. 2023;12:232. DOI: 10.3390/electronics12010232.
  7. Alswailem A, Alabdullah B, Alrumayh N, Alsedrani A. Detecting phishing websites using machine learning. In: 2nd International Conference on Computer Applications & Information Security (ICCAIS); 2019. 1–6. DOI: 10.1109/CAIS.2019.8769571.
  8. Xu Y, Chen G, Liu Q, Xu W, Zhang L, Wu J, Fan X. A phishing website detection and recognition method based on naive Bayes. In: 6th Information Technology and Mechatronics Engineering Conference (ITOEC); 2022. 1557–1562. DOI: 10.1109/ITOEC53115.2022.9734474.
  9. Yuan H, Chen X, Li Y, Yang Z, Liu W. Detecting phishing websites and targets based on URLs and webpage links. In: 24th International Conference on Pattern Recognition (ICPR); 2018. 3669–3674. DOI: 10.1109/ICPR.2018.8546262.
  10. Korkmaz M, Sahingoz OK, Diri B. Detection of phishing websites by using machine learning-based URL analysis. In: 11th International Conference on Computing, Communication and Networking Technologies (ICCCNT); 2020. 1–7. DOI: 10.1109/ICCCNT49239.2020.9225561.
Regular Issue Subscription Original Research
Volume 15
Issue 03
Received 26/06/2024
Accepted 12/08/2024
Published 12/09/2024
197


My IP

PlumX Metrics