Feature Selection for Phishing Detection with Machine Learning
Anierudh Sundararajan1, Gilad Gressel2, Krishnashree Achuthan3
1Anierudh Sundararajan, Cyber Security Systems and Networks, Amrita Vishwa Vidyapeetham Amritapuri, India.
2Gilad Gressel, Georgia Institute of Technology Atlanta, USA.
3Krishnashree Achuthan, Cyber Security Systems and Networks, Amrita Vishwa Vidyapeetham Amritapuri, India.
Manuscript received on 28 September 2019 | Revised Manuscript received on 10 November 2019 | Manuscript Published on 22 November 2019 | PP: 1039-1045 | Volume-8 Issue-6S3 September 2019 | Retrieval Number: F13310986S319/19©BEIESP | DOI: 10.35940/ijeat.F1331.0986S319
Open Access | Editorial and Publishing Policies | Cite | Mendeley | Indexing and Abstracting
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC-BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: In the last 10 years machine learning has been widely used to combat phishing attacks. The most common approach was to build a classification model that would be able to detect whether or not a given URL or website is a phishing attack. In order to effectively detect a phishing page with machine learning we must find an effective method to represent websites (both phish and benign) as features which can be fed into a machine learning model. One of the challenges faced by these approaches was to find a good set of features to represent the phishing and benign sites. Within the last 10 years hundreds of different features had been proposed and used to great success [6] [7] [9]. However, due to the curse of dimensionality, use of all available features will exponentially increase the sparsity of the dataset, lowering the odds of successful classification. In this work we extract 31 features that had been commonly used in the literature and perform an in depth feature ranking analysis in order to find the most effective features for phishing detection. Using both filter and wrapping methods we were able to find 23 effective features for phishing detection. The F1-score for all 31 features was 0.88 and time taken to train the multilevel perceptron model was 45.49 seconds and the size of the data used is 100k. Using these 23 features we were able to train a model that has 0.99 F1-score and which was comparable with all previous work while reducing the overall dimensionality of the data and time taken to train the model was 43.71 seconds.
Keywords: Phishing, Cyber Security, Feature Selection, Machine Learning.
Scope of the Article: Machine Learning