Phishing Website URL Detection Using a Hybrid Machine Learning Approach

Abstract

In a relatively short time, the internet has grown and progressed tremendously. With more users and advancements in web development, the internet today supports a large portion of the corporate world. With it, the number of cyber-attacks and threats has skyrocketed, resulting in monetary losses, data breaches, theft of identity, brand reputation damage, and a loss in customer trust in online shopping and banking. Phishing is a type of cyber threat in which a fake person usually hacker impersonates a genuine and trustworthy organization in order to get sensitive and private information from a victim. Furthermore, phishing has been a problem for many years. The global economy has now suffered billions of dollars as a result. In this study, we will examine some techniques for addressing the issue of phishing, particularly phishing using websites, and design solution based on machine learning algorithms to identify phishing websites. In order to understand the machine learning decision-making foundation and examine which attributes in general would be utilized to classify a website as real or phishing, we also conducted feature significance analysis using the provided dataset and solution. In this study we utilized Decision Tree, Random, Forest C-Support Vector Classification and AdaBoost algorithms for the detection of phishing URLs. Random Forest consistently outperformed than the other models across all key metrics. It demonstrated optimal performance in its classifications by achieving the highest accuracy 97.7%, Precision 99% and F1 score 97%.