Detecting Phishing Website Using Machine Learning

Detecting Phishing Website Using Machine Learning

Jay Kaphale¹, Pratik Kamble², Dinesh Borole³, Omkar Chavan⁴, Prof. Ruchira Deshmukh⁵

¹ UG Student, Department of Computer Engineering, Smt.Kashibai Navale College of Engineering, Pune

² UG Student, Department of Computer Engineering, Smt.Kashibai Navale College of Engineering, Pune

³ UG Student, Department of Computer Engineering, Smt.Kashibai Navale College of Engineering, Pune

⁴UG Student, Department of Computer Engineering, Smt.Kashibai Navale College of Engineering, Pune

⁵Assist. Professor, Department of Computer Engineering, Smt.Kashibai Navale College of Engineering, Pune

---------------------------------------------------------------------***---------------------------------------------------------------------

Abstract - Phishing attacks are still a major threat to computer system defenders, as they are frequently the first step in a multi-stage attack. Although phishing detection has advanced significantly, some phishing emails appear to get past filters by making minor structural and semantic changes to the messages. We'll deal with it. Using a machine learning classifier trained on a large corpus of phishing and legitimate emails, researchers were able to solve the problem. We create SAFEPC (Semi-Automated Feature Generation for Phish Classification) is a system that extracts features, some of which are elevated to higher level features, in order to defeat common phishing email detection. Strategies. To test SAFE-PC, we gathered a large number of phishing emails from a tier-1 university's central IT department. SAFE-implementation PC's. Phishing attacks continue to pose a major threat for computer system defenders, often forming the first step in a multi-stage attack. There have been great strides made in phishing detection; however, some phishing emails appear to pass through filters by making simple structural and semantic changes to the messages. We tackle this problem through the use of a machine learning classifier operating on a large corpus of phishing and legitimate emails. We design SAFEPC (Semi-Automated Feature generation for Phishing Classification), a system to extract features, elevating some to higher level features, that are meant to defeat common phishing email detection strategies. To evaluate SAFE-PC, we collect a large corpus of phishing emails from the central IT organization at a tier-1 university. The execution of SAFE-PC on the dataset exposes hitherto unknown insights on phishing campaigns directed at university users. SAFEPC detects more than 70a state-of-the-art email filtering tool. It also outperforms Spam Assassin, a commonly used email filtering tool. We also developed an online version of SAFE-PC that can be incrementally retrained with new samples. Its detection performance improves with   time as   new          samples are collected, while the time to retrain the classifier stays constant

Key Words:   Machine learning, Artificial intelligence