Applying Machine Learning Techniques to Detect and Analyze Web Phishing Attacks

Phishing is a technique aimed to imitate an official websites of any company such as banks, institutes, etc. The purpose of phishing is to theft private and sensitive credentials of users such as password, username or PIN. Phishing detection is a technique to deal with this kind of malicious activity. In this paper we propose a method able to discriminate between web pages aimed to perform phishing attacks and legitimate ones. We exploit state of the art machine learning algorithms in order to build models using indicators that are able to detect phishing activities.

[1]  Geoffrey I. Webb Decision Tree Grafting From the All Tests But One Partition , 1999, IJCAI.

[2]  Olatz Arbelaitz,et al.  Combining multiple class distribution modified subsamples in a single tree , 2007, Pattern Recognit. Lett..

[3]  Alberto Maria Segre,et al.  Programs for Machine Learning , 1994 .

[4]  Antonella Santone,et al.  Diabetes Mellitus Affected Patients Classification and Diagnosis through Machine Learning Techniques , 2017, KES.

[5]  Aniello Cimitile,et al.  Mobile Malware Detection in the Real World , 2016, 2016 IEEE/ACM 38th International Conference on Software Engineering Companion (ICSE-C).

[6]  Padhraic Smyth,et al.  From Data Mining to Knowledge Discovery in Databases , 1996, AI Mag..

[7]  Fadi A. Thabtah,et al.  Phishing detection based Associative Classification data mining , 2014, Expert Syst. Appl..

[8]  Mario Cannataro,et al.  Modeling Adaptive Hypermedia with an Object-Oriented Approach and XML , 2002, WebDyn@WWW.

[9]  J. Ross Quinlan,et al.  C4.5: Programs for Machine Learning , 1992 .

[10]  CuzzocreaAlfredo Combining multidimensional user models and knowledge representation and management techniques for making web services knowledge-aware , 2006 .

[11]  Guandong Xu,et al.  Community Detection in Multi-relational Social Networks , 2013, WISE.

[12]  T. L. McCluskey,et al.  Predicting phishing websites based on self-structuring neural network , 2013, Neural Computing and Applications.

[13]  Fadi A. Thabtah,et al.  Experimental Case Studies for Investigating E-Banking Phishing Techniques and Attack Strategies , 2010, Cognitive Computation.

[14]  Alfredo Cuzzocrea,et al.  Combining multidimensional user models and knowledge representation and management techniques for making web services knowledge-aware , 2006, Web Intell. Agent Syst..

[15]  Antonella Santone,et al.  Identification of Android Malware Families with Model Checking , 2016, ICISSP.

[16]  Sushilkumar Kalmegh,et al.  Analysis of WEKA Data Mining Algorithm REPTree, Simple Cart and RandomTree for Classification of Indian News , 2015 .

[17]  Chen Jin,et al.  An improved ID3 decision tree algorithm , 2009, 2009 4th International Conference on Computer Science & Education.

[18]  J. Palous,et al.  Machine Learning and Data Mining , 2002 .

[19]  Gerardo Canfora,et al.  Metamorphic Malware Detection Using Code Metrics , 2014, Inf. Secur. J. A Glob. Perspect..

[20]  Fadi Thabtah,et al.  Predicting Phishing Websites using Neural Network trained with Back-Propagation , 2013 .

[21]  Fabio Martinelli,et al.  Evaluating Convolutional Neural Network for Effective Mobile Malware Detection , 2017, KES.

[22]  T. L. McCluskey,et al.  Intelligent rule-based phishing websites classification , 2014, IET Inf. Secur..