Comparative Evaluation of Techniques for Detection of Phishing URLs | SpringerLink
Skip to main content
Springer Nature Link
Log in

Comparative Evaluation of Techniques for Detection of Phishing URLs

  • Conference paper
  • First Online:
Applied Informatics (ICAI 2019)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 1051))

Included in the following conference series:

Abstract

One of the popular cyberattacks today is phishing. It combines social engineering and online identity theft to delude Internet users into submitting their personal information to cybercriminals. Reports have shown continuous increase in the number and sophistication of this attack worldwide. Phishing Uniform Resource Locator (URL) is a malicious web address often created to look like legitimate URL, in order to deceive unsuspecting users. Many algorithms have been proposed to detect phishing URLs and classify them as benign or phishing. Most of these detection algorithms are based on machine learning and detect using inherent characteristics of the URLs. In this study, we examine the performance of a number of such techniques. The algorithms were tested using three publicly available datasets. Our results revealed, overall, the Random Forest algorithm as the best performing algorithm, achieving an accuracy of 97.3%.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
¥17,985 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
JPY 3498
Price includes VAT (Japan)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
JPY 5719
Price includes VAT (Japan)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
JPY 7149
Price includes VAT (Japan)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Moghimi, M., Varjani, A.Y.: New rule-based phishing detection method. Expert Syst. Appl. 53, 231–242 (2016)

    Article  Google Scholar 

  2. Mohammad, R., Thabtah, F., Mccluskey, L.: Predicting phishing websites based on self-structuring neural network. Neural Comput. Appl. 25(2), 443–458 (2014)

    Article  Google Scholar 

  3. Sahoo, D., Liu, C., Hoi, S.C.H.: Malicious URL detection using machine learning: a survey. 1–21 http://arxiv.org/abs/1701.07179 (2017)

  4. Feroz, M.N., Mengel, S.: Phishing URL detection using URL ranking. In: IEEE International Congress on Big Data Phishing, pp. 635–638 (2015)

    Google Scholar 

  5. Oluwafemi, O., Adesuyi, F.A., Abdulhamid, S.M.: Combating terrorism with cybersecurity: the nigerian perspective. World J. Comput. Appl. Technol. 1(4), 103–109 (2013)

    Google Scholar 

  6. Garera, S., Provos, N., Chew, M., Rubin, A.D.: A framework for detection and measurement of phishing attacks. In: Proceedings of the 2007 ACM workshop on Recurring malcode - WORM 2007, pp. 1–8 (2007)

    Google Scholar 

  7. Huang, H., Qian, L., Wang, Y.: A SVM-based technique to detect phishing URLs. Inf. Technol. J. 11(7), 921–925 (2012)

    Article  Google Scholar 

  8. Abu-Nimeh, S., Nappa, D., Wang, X., Nair, S.: A comparison of machine learning techniques for phishing detection. In: Proceedings of the Anti-phishing Working Groups 2nd Annual eCrime Researchers Summit, pp. 60–69 (2007)

    Google Scholar 

  9. Lee, J., Kim, D., Lee, C.-H.: Heuristic-based approach for phishing site detection using URL features. In: 3rd International Conference on Advances in Computing, Electronics and Electrical Technology - CEET 2015, pp. 131–135

    Google Scholar 

  10. Jagatic, T.N., Johnson, N.A., Jakobsson, M., Menczer, F.: Social phishing. Commun. ACM 50(10), 94–100 (2007)

    Article  Google Scholar 

  11. Basnet, Ram B., Sung, Andrew H., Liu, Q.: Feature selection for improved phishing detection. In: Jiang, H., Ding, W., Ali, M., Wu, X. (eds.) IEA/AIE 2012. LNCS (LNAI), vol. 7345, pp. 252–261. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-31087-4_27

    Chapter  Google Scholar 

  12. Fu, A.Y., Wenyin, L., Deng, X.: Detecting phishing web pages with visual similarity assessment based on earth mover’s distance (EMD). IEEE Trans. Dependable Secure Comput. 3(4), 301–311 (2006)

    Article  Google Scholar 

  13. Khonji, M., Iraqi, Y., Jones, A.: Lexical URL analysis for discriminating phishing and legitimate websites. In: Proceedings of the 8th Annual Collaboration, Electronic messaging, Anti-Abuse and Spam Conference, pp. 109–115 (2011)

    Google Scholar 

  14. Marchal, S., Saari, K., Singh, N., Asokan, N.: Know your phish: novel techniques for detecting phishing sites and their targets. In: Proceedings - International Conference on Distributed Computing Systems 2016, vol. 2016–August, no. Sect. V, pp. 323–333 (2016)

    Google Scholar 

  15. Khonji, M., Iraqi, Y., Jones, A.: Phishing detection: a literature survey. IEEE Commun. Surv. Tutorials 15(4), 2091–2121 (2013)

    Article  Google Scholar 

  16. Bergholz, A., Paaß, G., Reichartz, F., Strobel, S., Birlinghoven, S.: Improved phishing detection using model-based features. In: Fifth Conference on Email and Anti-spam, CEAS (2008)

    Google Scholar 

  17. Khonji, M., Jones, A., Iraqi, Y.: A novel Phishing classification based on URL features. In: IEEE GCC Conference and Exhibition (GCC), pp. 221–224 (2011)

    Google Scholar 

  18. Ma, J., Saul, L.K., Savage, S., Voelker, G.M.: Learning to detect malicious URLs. ACM Trans. Intell. Syst. Technol. (TIST) 2(3), 30 (2011)

    Google Scholar 

  19. Miyamoto, D., Hazeyama, H., Kadobayashi, Y.: An evaluation of machine learning-based methods for detection of phishing sites. In: International Conference on Neural Information Processing, pp. 539–540 (2009)

    Chapter  Google Scholar 

  20. Zhang, J., Wang, Y.: A real-time automatic detection of phishing URLs. In: 2nd International Conference on Computer Science and Network Technology (ICCSNT), pp. 1212–1216 (2012)

    Google Scholar 

  21. Miyamoto, D., Hazeyama, H., Kadobayashi, Y.: An evaluation of machine learning-based methods for detection of phishing sites. In: International Conference on Neural Information Processing, pp. 539–546 (2008)

    Chapter  Google Scholar 

  22. Abdulhamid, S.M., et al.: A review on mobile SMS spam filtering techniques. IEEE Access 5, 15650–15666 (2017)

    Article  Google Scholar 

  23. Blanzieri, E., Bryl, A.: A survey of learning-based techniques of email spam filtering. Artif. Intell. Rev. 29(1), 63–92 (2008)

    Article  Google Scholar 

  24. Panigrahi, P.: A comparative study of supervised machine learning techniques for spam E-mail filtering. In: Proceedings - 4th International Conference on Computational Intelligence and Communication Networks, CICN 2012, pp. 506–512 (2012)

    Google Scholar 

  25. Abdulhamid, S.M., Shuaib, M., Osho, O.: Comparative analysis of classification algorithms for email spam detection. Int. J. Comput. Network Inf. Security 1, 60–67 (2018)

    Article  Google Scholar 

  26. Iqbal, M., Abid, M.M., Ahmad, M., Khurshid, F.: Study on the effectiveness of spam detection technologies. Int. J. Inf. Technol. Comput. Sci. 01, 11–21 (2016)

    Google Scholar 

  27. Aburrous, M., Hossain, M.A., Dahal, K., Thabtah, F.: Associative classification techniques for predicting e-banking phishing websites. In: International Conference on Multimedia Computing and Information Technology (MCIT), pp. 9–12 (2010)

    Google Scholar 

  28. Aburrous, M., Hossain, M.A., Dahal, K., Thabtah, F.: Intelligent detection system for e-banking phishing websites using fuzzy data mining. Expert Syst. Appl. 37(12), 7913–7921 (2010)

    Article  Google Scholar 

  29. Aburrous, M., Hossain, M.A., Dahal, K., Thabtah, F.: Predicting phishing websites using classification mining techniques with experimental case studies. In: Seventh International Conference on Information Technology: New Generations (ITNG), pp. 176–181 (2010)

    Google Scholar 

  30. Ma, J., Saul, L.K., Savage, S., Voelker, G.M.: Beyond blacklists: learning to detect malicious web sites from suspicious URLs. In: 15th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 1245–1254 (2009)

    Google Scholar 

  31. Basnet, R.B., Sung, A.H., Liu, Q.: Learning to detect phishing URLs. IJRET: Int. J. Res. Eng. Technol. 3(6), 11–24 (2014)

    Article  Google Scholar 

  32. Gupta, R.: Comparison of classification algorithms to detect phishing web pages using feature selection and extraction. Int. J. Res. Granthaalayah 4(8), 118–135 (2016)

    Google Scholar 

  33. Nawafleh, S., Hadi, W.: Multi-class associative classification to predicting phishing websites. Int. J. Acad. Res. 4(6), 302–306 (2012)

    Article  Google Scholar 

  34. Ali, W.: Phishing website detection based on supervised machine learning with wrapper features selection. Int. J. Adv. Comput. Sci. Appl. 8(9), 72–78 (2017)

    Google Scholar 

  35. Oluyomi, A., Osho, O., Shuaib, M.: Evaluation of classification algorithms for phishing URL detection. In: 2nd International Conference on Information and Communication Technology and Its Applications, pp. 243–249 (2018)

    Google Scholar 

  36. UCI Machine Learning Repository: Phishing Websites Data set (2018). https://archive.ics.uci.edu/ml/datasets/phishing+websites. Accessed 03 May 2018

  37. Mohammad, R., Thabtah, F.A., McCluskey, T.L.: Phishing Websites Dataset. University of Huddersfield Repository (2018). http://eprints.hud.ac.uk/id/eprint/24330/. Accessed 04 Oct 2018

Download references

Author information

Authors and Affiliations

  1. Federal University of Technology, Minna, Nigeria

    Oluwafemi Osho & Ayanfeoluwa Oluyomi

  2. Covenant University, Ota, Nigeria

    Sanjay Misra

  3. Vishwakarma Skill University Gurugram, Gurgaon, Hariyana, India

    Ravin Ahuja

  4. Kaunas University of Technology, Kaunas, Lithuania

    Robertas Damasevicius & Rytis Maskeliunas

Authors
  1. Oluwafemi Osho
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ayanfeoluwa Oluyomi
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sanjay Misra
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Ravin Ahuja
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Robertas Damasevicius
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Rytis Maskeliunas
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Sanjay Misra .

Editor information

Editors and Affiliations

  1. Universidad Distrital Francisco Jose de Caldas, Bogota, Colombia

    Hector Florez

  2. Universidad Nacional de Loja, Loja, Ecuador

    Marcelo Leon

  3. Universidad a Distancia de Madrid, Madrid, Spain

    Jose Maria Diaz-Nafria

  4. Universidad Complutense de Madrid, Madrid, Spain

    Simone Belli

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Osho, O., Oluyomi, A., Misra, S., Ahuja, R., Damasevicius, R., Maskeliunas, R. (2019). Comparative Evaluation of Techniques for Detection of Phishing URLs. In: Florez, H., Leon, M., Diaz-Nafria, J., Belli, S. (eds) Applied Informatics. ICAI 2019. Communications in Computer and Information Science, vol 1051. Springer, Cham. https://doi.org/10.1007/978-3-030-32475-9_28

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-32475-9_28

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-32474-2

  • Online ISBN: 978-3-030-32475-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation