Title: New hybrid framework to detect phishing web pages, based on rules and variant selection of features

Authors: Youness Mourtaji; Mohammed Bouhorma; Daniyal Alghazzawi

Addresses: Faculty of Sciences and Techniques, The University of Abdelmalek Essaadi, Tangier, Morocco ' Faculty of Sciences and Techniques, The University of Abdelmalek Essaadi, Tangier, Morocco ' Faculty of Computing and Information Technology, King Abdulaziz University, Jeddah, Saudi Arabia

Abstract: Phishing phenomena are increasing day after day due to its simplicity to use; it is enough for hackers to clone legitimate website and send it by e-mail to victims to access it within the use of social engineering techniques to lure them and gain their confidence. Hackers use the lack of knowledge of regular users when surfing on the internet and understanding the role of uniform resource locator (URL) of a web page. This fact let hackers create malicious forms of URLs, like very long ones or containing some suspicious characters. Despite cloning web pages, hackers can inject malicious codes into this web page for nefarious uses, so detecting or preventing this kind of web pages is the objective of this paper. We present a new hybrid framework to identify phishing web pages based on different ways and methodologies for features extraction techniques using only the URL as the main entry and without having any visual experience before, also we use hybrid analysis to be complete and accurate.

Keywords: malicious web page; hybrid analysis; machine learning; network security intelligence.

DOI: 10.1504/IJITST.2020.110581

International Journal of Internet Technology and Secured Transactions, 2020 Vol.10 No.6, pp.740 - 757

Received: 17 Dec 2018
Accepted: 31 Mar 2019
Published online: 26 Oct 2020 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article