A Novel Phishing Website Detection Model Based on LightGBM and Domain Name Features

Zhou, Jingxian; Cui, Hao; Li, Xina; Yang, Wei; Wu, Xi

doi:10.3390/sym15010180

Cited by 9 publications

(10 citation statements)

References 28 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The research work in [3] applied LightGBM and features of the domain name to recognize phishing websites and preserve the website's security. After the filtering process, sixteen features of the domain name were extracted for the training process.…”

Section: Related Workmentioning

confidence: 99%

“…To calculate the information gain while being as consistent with the total data distribution as possible and making sure that samples with small gradient values are trained, GOSS uses samples with high and small gradients. To cut down on feature dimensions and boost computing performance, EFB groups together features that are mutually exclusive [3].…”

Section: Optimized Light Gradient Boosting Machine (Lightgbm)mentioning

confidence: 99%

“…Thirdly, a defacement URL leads to an online defacement attack that occurs when a fraudster breaks into a website and changes its content with different messages that may include vulgar language or other abusive messages. Unexpected modifications to the files that are saved on the website could signify a defacement assault and a security breach [3][4][5].…”

Section: Introductionmentioning

confidence: 99%

“…Multi-class classification is more challenging to solve due to the complex features that differentiate between types of malicious URLs. The classification challenge of malicious URL detection entails intricate capabilities such as data gathering, feature extraction, pre-processing, and classification [3][4][5][6][7].…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

An ensemble classification method based on machine learning models for malicious Uniform Resource Locators (URL)

Sankaranarayanan,

Sivachandran,

Mohd Khairuddin

et al. 2024

PLoS ONE

View full text Add to dashboard Cite

Web applications are important for various online businesses and operations because of their platform stability and low operation cost. The increasing usage of Internet-of-Things (IoT) devices within a network has contributed to the rise of network intrusion issues due to malicious Uniform Resource Locators (URLs). Generally, malicious URLs are initiated to promote scams, attacks, and frauds which can lead to high-risk intrusion. Several methods have been developed to detect malicious URLs in previous works. There has been a good amount of work done to detect malicious URLs using various methods such as random forest, regression, LightGBM, and more as reported in the literature. However, most of the previous works focused on the binary classification of malicious URLs and are tested on limited URL datasets. Nevertheless, the detection of malicious URLs remains a challenging task that remains open to research. Hence, this work proposed a stacking-based ensemble classifier to perform multi-class classification of malicious URLs on larger URL datasets to justify the robustness of the proposed method. This study focuses on obtaining lexical features directly from the URL to identify malicious websites. Then, the proposed stacking-based ensemble classifier is developed by integrating Random Forest, XGBoost, LightGBM, and CatBoost. In addition, hyperparameter tuning was performed using the Randomized Search method to optimize the proposed classifier. The proposed stacking-based ensemble classifier aims to take advantage of the performance of each machine learning model and aggregate the output to improve prediction accuracy. The classification accuracies of the machine learning model when applied individually are 93.6%, 95.2%, 95.7% and 94.8% for random forest, XGBoost, LightGBM, and CatBoost respectively. The proposed stacking-based ensemble classifier has shown significant results in classifying four classes of malicious URLs (phishing, malware, defacement, and benign) with an average accuracy of 96.8% when benchmarked with previous works.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Optimized Light Gradient Boosting Machine (Lightgbm)mentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

An ensemble classification method based on machine learning models for malicious Uniform Resource Locators (URL)

Sankaranarayanan,

Sivachandran,

Mohd Khairuddin

et al. 2024

PLoS ONE

View full text Add to dashboard Cite

show abstract

“…Preprocessing text in URLs and email bodies is one of the most challenging aspects of PD. For phishing classification, XGBoost [24] controls massive databases for the text preprocessing stage, derivates essential features, and correctly handles noise. To classify malicious emails, XGBoost analyzes the embedded email body, URLs, email attachments, sender information, and other email metadata.…”

Section: Introductionmentioning

confidence: 99%

A Deep Learning-Based Innovative Technique for Phishing Detection in Modern Security with Uniform Resource Locators

Aldakheel

Zakariah

Gashgari

et al. 2023

Sensors

View full text Add to dashboard Cite

Organizations and individuals worldwide are becoming increasingly vulnerable to cyberattacks as phishing continues to grow and the number of phishing websites grows. As a result, improved cyber defense necessitates more effective phishing detection (PD). In this paper, we introduce a novel method for detecting phishing sites with high accuracy. Our approach utilizes a Convolution Neural Network (CNN)-based model for precise classification that effectively distinguishes legitimate websites from phishing websites. We evaluate the performance of our model on the PhishTank dataset, which is a widely used dataset for detecting phishing websites based solely on Uniform Resource Locators (URL) features. Our approach presents a unique contribution to the field of phishing detection by achieving high accuracy rates and outperforming previous state-of-the-art models. Experiment results revealed that our proposed method performs well in terms of accuracy and its false-positive rate. We created a real data set by crawling 10,000 phishing URLs from PhishTank and 10,000 legitimate websites and then ran experiments using standard evaluation metrics on the data sets. This approach is founded on integrated and deep learning (DL). The CNN-based model can distinguish phishing websites from legitimate websites with a high degree of accuracy. When binary-categorical loss and the Adam optimizer are used, the accuracy of the k-nearest neighbors (KNN), Natural Language Processing (NLP), Recurrent Neural Network (RNN), and Random Forest (RF) models is 87%, 97.98%, 97.4% and 94.26%, respectively, in contrast to previous publications. Our model outperformed previous works due to several factors, including the use of more layers and larger training sizes, and the extraction of additional features from the PhishTank dataset. Specifically, our proposed model comprises seven layers, starting with the input layer and progressing to the seventh, which incorporates a layer with pooling, convolutional, linear 1 and 2, and linear six layers as the output layers. These design choices contribute to the high accuracy of our model, which achieved a 98.77% accuracy rate.

show abstract

A Predictive Model for Phishing Attacks on Mobile Intelligent Agent Systems

Manyama,

Kogeda

2024

Computational Science and Its Applications – ICCSA 2024 Workshops

View full text Add to dashboard Cite

A Novel Phishing Website Detection Model Based on LightGBM and Domain Name Features

Cited by 9 publications

References 28 publications

An ensemble classification method based on machine learning models for malicious Uniform Resource Locators (URL)

An ensemble classification method based on machine learning models for malicious Uniform Resource Locators (URL)

A Deep Learning-Based Innovative Technique for Phishing Detection in Modern Security with Uniform Resource Locators

A Predictive Model for Phishing Attacks on Mobile Intelligent Agent Systems

Contact Info

Product

Resources

About