A Hybrid Phishing Detection System Using Deep Learning-based URL and Content Analysis


Creative Commons License

Korkmaz M., Kocyigit E., Sahingoz O. K., DİRİ B.

Elektronika ir Elektrotechnika, cilt.28, sa.5, ss.80-89, 2022 (SCI-Expanded) identifier

  • Yayın Türü: Makale / Tam Makale
  • Cilt numarası: 28 Sayı: 5
  • Basım Tarihi: 2022
  • Doi Numarası: 10.5755/j02.eie.31197
  • Dergi Adı: Elektronika ir Elektrotechnika
  • Derginin Tarandığı İndeksler: Science Citation Index Expanded (SCI-EXPANDED), Scopus, Aerospace Database, Applied Science & Technology Source, Central & Eastern European Academic Source (CEEAS), Communication Abstracts, Computer & Applied Sciences, INSPEC, Metadex, Directory of Open Access Journals, Civil Engineering Abstracts
  • Sayfa Sayıları: ss.80-89
  • Anahtar Kelimeler: Content-based, Deep learning, High-risk dataset, Phishing detection, Two-stage hybrid system, URL-based
  • Yıldız Teknik Üniversitesi Adresli: Evet

Özet

Phishing attacks are one of the most preferred types of attacks for cybercriminals, who can easily contact a large number of victims through the use of social networks, particularly through email messages. To protect end users, most of the security mechanisms control Uniform Resource Locator (URL) addresses because of their simplicity of implementation and execution speed. However, due to sophisticated attackers, this mechanism can miss some phishing attacks and has a relatively high false positive rate. In this research, a hybrid technique is proposed that uses not only URL features, but also content-based features as the second level of detection mechanism, thus improving the accuracy of the detection system while also minimizing the number of false positives. Additionally, most phishing detection algorithms use datasets that contain easily differentiated data pieces, either phishing or legitimate. However, in order to implement a more secure protection mechanism, we aimed to collect a larger and high-risk dataset. The proposed approaches were tested on this High-Risk URL and Content-Based Phishing Detection Dataset that only contains suspicious websites from PhishTank. According to experimental studies, an accuracy rate of 98.37 percent was achieved on a more realistic dataset for phishing detection.