Title: Extracted rule-based technique for anomaly detection in a global network

Authors: Nureni A. Azeez; Ogunlusi E. Victor; Sanjay Misra; Robertas Damaševičius; Rytis Maskeliunas

Addresses: Department of Computer Science, University of Lagos, Nigeria ' Department of Computer Science, University of Lagos, Nigeria ' Department of Computer Science and Communication, Østfold University College, Halden, Norway ' Department of Software Engineering, Kaunas University of Technology, Kaunas, Lithuania ' Department of Multimedia, Kaunas University of Technology, Kaunas, Lithuania

Abstract: Phishing attacks deceive internet users into revealing sensitive information over the internet to the cybercriminals. The disguise as a result of phishing involves the creation of fake websites that are look-alikes of reputable websites. In this paper, a rule-based method to detect phishing attacks in a global network is presented. Four machine learning models were trained on a dataset consisting of 14 features. The machine learning algorithms used are K-nearest neighbour (kNN), support vector machine (SVM), random forest (RF), and naïve Bayes (NB). With the random forest model, a true positive of 100% and an accuracy of 98.35% were achieved. Rules were then extracted from the random forest model and embedded in a web browser extension called PhishAlert for easy application. Evaluation of the rules shows PhishAlert as an efficient tool for phishing detection. With this technique, the internet users can be easily guided and protected against cybercriminals.

Keywords: phishing attack; machine learning; web browser; fake websites.

DOI: 10.1504/IJESDF.2022.126460

International Journal of Electronic Security and Digital Forensics, 2022 Vol.14 No.6, pp.616 - 637

Received: 24 Jan 2021
Accepted: 21 Dec 2021

Published online: 26 Oct 2022 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article