Next Article in Journal
AOSR 2.0: A Novel Approach and Thorough Validation of an Agent-Oriented Storage and Retrieval WMS Planner for SMEs, under Industry 4.0
Previous Article in Journal
An Intelligent System to Ensure Interoperability for the Dairy Farm Business Model
Previous Article in Special Issue
IoT Security Risk Management Strategy Reference Model (IoTSRM2)
Article

Towards Lightweight URL-Based Phishing Detection

1
School of Computing, Bournemouth University, Poole BH12 5BB, UK
2
Department of Computer Science, University of Hertfordshire, College Lane, Hatfield AL10 9AB, UK
3
Blockpass ID Lab, School of Computing Edinburgh Napier University, Edinburgh EH10 5DT, UK
*
Authors to whom correspondence should be addressed.
Academic Editor: Weizhi Meng
Future Internet 2021, 13(6), 154; https://doi.org/10.3390/fi13060154
Received: 27 May 2021 / Revised: 9 June 2021 / Accepted: 10 June 2021 / Published: 13 June 2021
(This article belongs to the Special Issue Information and Future Internet Security, Trust and Privacy)
Nowadays, the majority of everyday computing devices, irrespective of their size and operating system, allow access to information and online services through web browsers. However, the pervasiveness of web browsing in our daily life does not come without security risks. This widespread practice of web browsing in combination with web users’ low situational awareness against cyber attacks, exposes them to a variety of threats, such as phishing, malware and profiling. Phishing attacks can compromise a target, individual or enterprise, through social interaction alone. Moreover, in the current threat landscape phishing attacks typically serve as an attack vector or initial step in a more complex campaign. To make matters worse, past work has demonstrated the inability of denylists, which are the default phishing countermeasure, to protect users from the dynamic nature of phishing URLs. In this context, our work uses supervised machine learning to block phishing attacks, based on a novel combination of features that are extracted solely from the URL. We evaluate our performance over time with a dataset which consists of active phishing attacks and compare it with Google Safe Browsing (GSB), i.e., the default security control in most popular web browsers. We find that our work outperforms GSB in all of our experiments, as well as performs well even against phishing URLs which are active one year after our model’s training. View Full-Text
Keywords: phishing; supervised machine learning; classifier; heuristics; URL-based; phishing phishing; supervised machine learning; classifier; heuristics; URL-based; phishing
Show Figures

Figure 1

MDPI and ACS Style

Butnaru, A.; Mylonas, A.; Pitropakis, N. Towards Lightweight URL-Based Phishing Detection. Future Internet 2021, 13, 154. https://doi.org/10.3390/fi13060154

AMA Style

Butnaru A, Mylonas A, Pitropakis N. Towards Lightweight URL-Based Phishing Detection. Future Internet. 2021; 13(6):154. https://doi.org/10.3390/fi13060154

Chicago/Turabian Style

Butnaru, Andrei, Alexios Mylonas, and Nikolaos Pitropakis. 2021. "Towards Lightweight URL-Based Phishing Detection" Future Internet 13, no. 6: 154. https://doi.org/10.3390/fi13060154

Find Other Styles
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Back to TopTop