Phishing Website Detection Using Machine Learning

Abstract

Despite the many protective measures available, phishing still represents a significant risk. Reactive blacklisting of URLs is still the main mitigation method. Because phishing sites are only active for a short while, this strategy is worthless. Because of this, more current techniques concentrate on proactive or real-time phishing URL detection techniques. PhishStorm, a system for automatically detecting phishing attacks, is introduced in this project. potential phishing websites. PhishStorm is capable of interacting frequently claim that the URL's top-level domain, path, and query have little to no link to the low-level domain, which needs to be registered. The use of experimental data is illustrated in this article. It can be utilised to support this observation.In order to achieve this, we define a brandnew notion of intra-URL relevance and assess it based on attributes gleaned from the words used to construct the URL and queries from the Google and Yahoo search engines. In order to identify phishing URLs from real-world data sets, these attributes are subsequently used in machine learning-based classification. Our system was tested against 96,018 authentic and phishing URLs, and it correctly classified 94.91% of them with only 1.44% of false positives. It has been suggested to expand an effective (>99%) URL phishing scoring system. Using large data architectures like STORM and sophisticated Bloom filter data structures