Orestis Christou
Phishing URL Detection Through Top-Level Domain Analysis: A Descriptive Approach
Christou, Orestis; Pitropakis, Nikolaos; Papadopoulos, Pavlos; Mckeown, Sean; Buchanan, William J
Authors
Dr Nick Pitropakis N.Pitropakis@napier.ac.uk
Associate Professor
Dr Pavlos Papadopoulos P.Papadopoulos@napier.ac.uk
Lecturer
Dr Sean McKeown S.McKeown@napier.ac.uk
Lecturer
Prof Bill Buchanan B.Buchanan@napier.ac.uk
Professor
Abstract
Phishing is considered to be one of the most prevalent cyber-attacks because of its immense flexibility and alarmingly high success rate. Even with adequate training and high situational awareness, it can still be hard for users to continually be aware of the URL of the website they are visiting. Traditional detection methods rely on blacklists and content analysis, both of which require time-consuming human verification. Thus, there have been attempts focusing on the predictive filtering of such URLs. This study aims to develop a machine-learning model to detect fraudulent URLs and be used within the Splunk platform. Inspired from similar approaches in the literature, we trained the SVM and Random Forests algorithms using malicious and benign datasets found in the literature and one dataset that we created. We evaluated the algorithms' performance with precision and recall reaching up to 85% precision and 87% recall in the case of Random Forests while SVM achieved up to 90% precision and 88% recall using only descriptive features.
Citation
Christou, O., Pitropakis, N., Papadopoulos, P., Mckeown, S., & Buchanan, W. J. (2020). Phishing URL Detection Through Top-Level Domain Analysis: A Descriptive Approach. In Proceedings of the 6th International Conference on Information Systems Security and Privacy (289-298). https://doi.org/10.5220/0008902202890298
| Conference Name | ICISSP 2020 |
|---|---|
| Conference Location | Valletta, Malta |
| Start Date | Feb 25, 2020 |
| End Date | Feb 27, 2020 |
| Acceptance Date | Dec 3, 2019 |
| Publication Date | 2020 |
| Deposit Date | Jan 9, 2020 |
| Publicly Available Date | Oct 12, 2020 |
| Publisher | Scitepress Digital Library |
| Volume | 1 |
| Pages | 289-298 |
| Book Title | Proceedings of the 6th International Conference on Information Systems Security and Privacy |
| ISBN | 978-989-758-399-5 |
| DOI | https://doi.org/10.5220/0008902202890298 |
| Keywords | Phishing Detection; Machine Learning; Domain Names; URL |
| Public URL | http://researchrepository.napier.ac.uk/Output/2461692 |
| Publisher URL | http://www.icissp.org/ |
Files
Preprint Malicious Url Detection Through Top Level Domain Analysis A Descriptive Approach
(295 Kb)
PDF
Publisher Licence URL
http://creativecommons.org/licenses/by-nc-nd/4.0/
Copyright Statement
Published under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0) license.
You might also like
Rapidrift: Elementary Techniques to Improve Machine Learning-Based Malware Detection
(2023)
Journal Article
Progressive Web Apps to Support (Critical) Systems in Low or No Connectivity Areas
(2023)
Conference Proceeding
Forensic Investigation Using RAM Analysis on the Hadoop Distributed File System
(2023)
Conference Proceeding
Downloadable Citations
About Edinburgh Napier Research Repository
Administrator e-mail: repository@napier.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2024
Advanced Search