Implementation And Performance Analysis Of Machine Learning Models For Detecting Phishing Attacks On Websites
In the contemporary world, phishing attacks have become more apparent and caused tremendous financial loss to internet users. When attackers instrument these phishing attacks, an indispensable component frequently used together is a phishing website. Phishing websites are constructed to steal...
Saved in:
Main Author: | |
---|---|
Format: | Final Year Project Report |
Language: | English English |
Published: |
Universiti Malaysia Sarawak, (UNIMAS)
2023
|
Subjects: | |
Online Access: | http://ir.unimas.my/id/eprint/44082/1/LIONG%20KAH%20PONG%20%2824pgs%29.pdf http://ir.unimas.my/id/eprint/44082/2/LIONG%20KAH%20PONG%20%28fulltext%29.pdf http://ir.unimas.my/id/eprint/44082/ |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Summary: | In the contemporary world, phishing attacks have become more apparent and caused
tremendous financial loss to internet users. When attackers instrument these phishing attacks,
an indispensable component frequently used together is a phishing website. Phishing websites
are constructed to steal confidential information such as login credentials from victims. Usually,
phishing websites are created resembling legitimate sources to deceive victims. To prevent
users from falling victim to phishing websites, a machine-learning-based solution is proposed
in this project. This project aims to detect phishing websites by implementing a tool that is built
from a machine-learning model. This machine learning model is trained using known datasets
on phishing websites and legitimate websites. So, features or attributes of phishing websites
need to be discovered and this is achieved by looking at techniques phishing websites used to
mimic legitimate sources. With the scholarly review of techniques employed by phishing
websites, it is decided that they can be identified by their URLs and their SSL certificate
information. Then, a machine learning tool is selected to build machine learning models that
use three different machine learning algorithms, which are Support Vector Machine, Random
Forest, and XGBoost. By having three different machine learning models, performance on how
well these models classify phishing websites can be done. With the models successfully trained,
they are deployed as a Chrome browser’s Extension and subsequently tested. These models are
then evaluated with accuracy, precision, and recall. Finally, the testing and evaluation is done,
and XGBoost is proven to be the best performing model in terms of accuracy, precision, and
recall. |
---|