PHISHING ATTACKS DETECTION USING MACHINE LEARNING METHODS ON URLS FEATURES

Abstract

Over the past 15 years, phishing has been the most common cybercrime, resulting in the theft of billions of dollars. This paper's aim is to provide a concise overview of the current state of phishing and to offer suitable recommendations. As the global pandemic entered its second year, IT and infosec professionals were confronted with an increase in pandemic-themed phishing scams and cyber threats. Previous research on phishing challenges in general is highlighted in this study, with an emphasis on the classification algorithms used to identify web phishing in particular.This thesis makes the following contributions to the effectiveness of phishing website detection: Three classifiers were implemented and assessed on the phishing website dataset, which included 39996 real websites and 55914 fraudulent websites. Logistic Regression, Naive Bayes, and Support Vector Machine are the classifiers that were implemented. The dataset is made of a considerable number of features. In conclusion, Logistic Regression is the best classification algorithm for detecting phishing websites in a dataset with predetermined features. The classification accuracy of the Logistic Regression was 85 percent. The proposed technique could be integrated with different feature extraction models in the future to verify its applicability in a real-time environment.