Published in: Cluster Computing 5/2023

30.05.2023

Machine learning models for phishing detection from TLS traffic

Authors: Munish Kumar, Cheemaladinne Kondaiah, Alwyn Roshan Pais, Routhu Srinivasa Rao


Abstract

Phishing is a fraudulent tactic that attackers use to obtain victims' personal information, such as passwords, account details, credit card details, and other sensitive information. Existing anti-phishing detection methods operate at the application layer and cannot be applied at the transport layer. This paper proposes a novel machine learning (ML) based technique that detects phishing from transport layer security (TLS) 1.2 and TLS 1.3 encrypted traffic without decryption. The proposed model detects phishing URLs at the transport layer and classifies them as legitimate or phishing. Features are extracted from TLS 1.2 and TLS 1.3 traffic, and phishing detection is performed by ML algorithms trained on the extracted features. The datasets for legitimate and phishing sites are created using features derived from TLS 1.2 and TLS 1.3 traffic. According to the experimental results, the proposed model effectively detects phishing URLs in encrypted traffic. The proposed model achieves an accuracy of 93.63% for Random Forest (RF), 95.07% for XGBoost (XGB), and the highest accuracy of 95.40% for LightGBM (LGBM).

Metadata
Title: Machine learning models for phishing detection from TLS traffic
Authors: Munish Kumar, Cheemaladinne Kondaiah, Alwyn Roshan Pais, Routhu Srinivasa Rao
Publication date: 30.05.2023
Publisher: Springer US
Published in: Cluster Computing / Issue 5/2023
Print ISSN: 1386-7857
Electronic ISSN: 1573-7543
DOI: https://doi.org/10.1007/s10586-023-04042-6
