Title: AI-driven approach for robust real-time detection of zero-day phishing websites

Authors: Thomas Nagunwa

Addresses: Department of Computer Science, Institute of Finance Management, Dar Es Salaam, Tanzania

Abstract: Existing solutions for detecting phishing websites mainly depend on a blacklist approach, which has proven ineffective in detecting zero-day phishing websites in real-time. This study proposes a machine learning (ML) approach for highly accurate real-time detection of zero-day phishing websites using highly diversified features. The prediction performance of the features is evaluated and compared using 12 traditional ML and three deep learning (DL) algorithms. The results have shown that with CAT boost algorithm, the features are able to achieve the best performance with an accuracy of 99.02%, false positive rate (FPR) of 0.90% and false negative rate (FNR) of 1.03%. Feature analysis used to understand the features' prediction importance, data distributions and performance contributions are also presented. The prediction runtime of the proposed model is also measured to assess whether the model can be deployed for real-time detection.

Keywords: phishing; phishing web page; zero-day phishing web page; machine learning; deep learning.

DOI: 10.1504/IJICS.2024.136735

International Journal of Information and Computer Security, 2024 Vol.23 No.1, pp.79 - 118

Received: 23 Mar 2023
Accepted: 08 Sep 2023
Published online: 19 Feb 2024 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article