Development of anti-phishing browser based on random forest and rule of extraction framework
- PDF / 2,245,368 Bytes
- 14 Pages / 595.276 x 790.866 pts Page_size
- 28 Downloads / 259 Views
HR et al. Cybersecurity (2020) 3:20 https://doi.org/10.1186/s42400-020-00059-1
RESEARCH
Open Access
Development of anti-phishing browser based on random forest and rule of extraction framework Mohith Gowda HR1* , Adithya MV2, Gunesh Prasad S3 and Vinay S4
Abstract Phishing is a technique under Social Engineering attacks which is most widely used to get user sensitive information, such as login credentials and credit and debit card information, etc. It is carried out by a person masquerading as an authentic individual. To protect web users from these attacks, various anti-phishing techniques are developed, but they fail to protect the user from these attacks in various ways. In this paper, we propose a novel technique to identify phishing websites effortlessly on the client side by proposing a novel browser architecture. In this system, we use the rule of extraction framework to extract the properties or features of a website using the URL only. This list consists of 30 different properties of a URL, which will later be used by the Random Forest Classification machine learning model to detect the authenticity of the website. A dataset consisting of 11,055 tuples is used to train the model. These processes are carried out on the client-side with the help of a redesigned browser architecture. Today Researches have come up with machine learning frameworks to detect phishing sites, but they are not in a state to be used by individuals having no technical knowledge. To make sure that these tools are accessible to every individual, we have improvised and introduced detection methods into the browser architecture named as ‘Embedded Phishing Detection Browser’ (EPDB), which is a novel method to preserve the existing user experience while improving the security. The newly designed browser architecture introduces a special segment to perform phishing detection operations in real-time. We have prototyped this technique to ensure maximum security, better accuracy of 99.36% in the identification of phishing websites in realtime. Keywords: Phishing attack, Machine learning, Intelligent browser engine, Rule of extraction algorithm, Browser architecture
Introduction The Internet has widely spread all over the world covering every field of work. As a result, users who depend on the internet to carry out their businesses are also increasing considerably. This number tempts the imposters to carry out their fake operations. Eventually, end-users become more vulnerable to various kinds of web-attacks. One of the major * Correspondence: [email protected] 1 B.E in Computer Science and Engineering, PES College of Engineering, 4011, Vasuda Krupa, 3rd Cross, Shankar Nagar, Mandya, Karnataka 571401, India Full list of author information is available at the end of the article
implications of these web attacks affects the financial transactions over the internet (Phishing Trends and Intelligence Report 2018 n.d.). Phishing is one amongst the popular techniques that is used to gain the advantage of such security flaws. It is a cyberat
Data Loading...
