Effective Classification of Phishing Web Pages Based on New Rules by Using Extreme Learning Machines

Abstract

Internet is an essential part of our life. Internet users can beaffectedfrom different types of cyber threats. Thus cyber threats may attack financial data, private information, online banking and e-commerce. Phishing is a type of cyber threats that is targeting to get private information such as credit cards information and social security numbers. There is not a specific solution that can detect whole phishing attacks. In this study, we proposed an intelligent model for detecting phishing web pages based on Extreme Learning Machine. Types of web pages are different in terms of their features. Hence, we must use a specific web page features set to prevent phishing attacks. We proposed a model based on machine learning techniques to detect phishing web pages.We have suggested some new rules to have efficient features. The model has 30 inputs and 1 output. In this application, the 10-fold cross-validation test has been performed. The average classification accuracy was measured as 95.05%.

Keywords

• Machine Learning,Extreme Learning Machine,Phishing,Information Security

References

1. [1] G. Spanos and L. Angelis, "The impact of information security events to the stock market: A systematic literature review", Computers & Security, 58, pp.216-229, 2016.
2. [2] M. Aburrous, M. Hossain, K. Dahal and F. Thabtah, "Intelligent phishing detection system for e-banking using fuzzy data mining", Expert Systems with Applications, 37(12), pp.7913-7921, 2010.
3. [3] N. Abdelhamid, A. Ayesh and F. Thabtah, "Phishing detection based Associative Classification data mining", Expert Systems with Applications, 41(13), pp.5948-5959, 2014.
4. [4] S. Wu, P. Wang, X. Li and Y. Zhang, "Effective detection of android malware based on the usage of data flow APIs and machine learning", Information and Software Technology, 75, pp.17-25, 2016.
5. [5] M. Kaytan and D. Hanbay, "Kurumsal Bilgi Güvenliğine Yönelik Tehditler ve Alınması Önerilen Tedbirler", 1st International Symposium on Digital Forensics and Security, ISDFS’13, pp.267-270, 2013, Fırat University, Elazığ.
6. [6] H. Shahriar and M. Zulkernine, "Trustworthiness testing of phishing websites: A behavior model-based approach", Future Generation Computer Systems, 28(8), pp.1258-1271, 2012.
7. [7] R. M. Mohammad, F. Thabtah and L. McCluskey, "Tutorial and critical analysis of phishing websites methods", Computer Science Review, 17, pp.1-24, 2015.
8. [8] M. Alsharnouby, F. Alaca and S. Chiasson, "Why phishing still works: User strategies for combating phishing attacks", International Journal of Human-Computer Studies, 82, pp.69-82, 2015.

9. [9] R. M. Mohammad, F. Thabtah and L. McCluskey, "Predicting phishing websites based on self-structuring neural network", Neural Computing and Applications, 25(2), pp.443-458, 2014.
10. [10] V. Ramanathan and H. Wechsler, "Phishing detection and impersonated entity discovery using Conditional Random Field and Latent Dirichlet Allocation", Computers & Security, 34, pp.123-139, 2013.
11. [11] I. R. A. Hamid and J. H. Abawajy, "An approach for profiling phishing activities", Computers & Security, 45, pp.27-41, 2014.
12. [12] C. Konradt, A. Schilling and B. Werners, "Phishing: An economic analysis of cybercrime perpetrators", Computers & Security, 58, pp.39-46, 2016.
13. [13] M. Kaytan and D. Hanbay, "The Determining with Artificial Neural Network Based Intelligent System Against The Attacks to The Internet Sites by Phishing Method", International Conference on Natural Science and Engineering, ICNASE'16, pp.3221-3226, 2016, Kilis 7 Aralık University, Kilis.
14. [14] D. Hanbay, I. Turkoglu and Y. Demir, "An expert system based on wavelet decomposition and neural network for modeling Chua’s circuit", Expert Systems with Applications, 34(4), pp.2278-2283, 2008.
15. [15] D. Hanbay, I. Turkoglu and Y. Demir, "Modeling switched circuits based on wavelet decomposition and neural networks", Journal of the Franklin Institute, 347(3), pp.607-617, 2010.
16. [16] V. Santhana Lakshmi and M. Vijaya, "Efficient prediction of phishing websites using supervised learning algorithms", Procedia Engineering, 30, pp.798-805, 2012.
17. [17] C. K. Olivo, A. O. Santin and L. S. Oliveira, "Obtaining the threat model for e-mail phishing", Applied Soft Computing, 13(12), pp.4841-4848, 2013.
18. [18] R. Islam and J. Abawajy, "A multi-tier phishing detection and filtering approach", Journal of Network and Computer Applications, 36(1), pp.324-335, 2013.
19. [19] X. Chen, I. Bose, A. C. M. Leung and C. Guo, "Assessing the severity of phishing attacks: A hybrid data mining approach", Decision Support Systems, 50(4), pp.662-672, 2011.
20. [20] Y. Li, L. Yang and J. Ding, "A minimum enclosing ball-based support vector machine approach for detection of phishing websites", Optik, 127(1), pp.345-351, 2016.
21. [21] R. Gowtham and I. Krishnamurthi, "A comprehensive and efficacious architecture for detecting phishing webpages", Computers & Security, 40, pp.23-37, 2014.
22. [22] K. L. Goh, R. K. Patchmuthu and A. K. Singh, "Link-based web spam detection using weight properties", Journal of Intelligent Information Systems, 43(1), pp.129–145, 2014.
23. [23] B. Zhou, Y. Yao and J. Luo, "Cost-sensitive three-way email spam filtering", Journal of Intelligent Information Systems, 42(1), pp.19–45, 2014.
24. [24] ENISA Threat Landscape 2015, European Union Agency for Network and Information Security (ENISA), Ocak 2016.
25. [25] Phishing Activity Trends Report, Anti Phishing Working Group (APWG), 1st-3rd Quarters 2015.
26. [26] G.-B. Huang, Q.-Y. Zhu and C.-K. Siew, "Extreme learning machine: Theory and applications", Neurocomputing, 70(1-3), pp.489-501, 2006.
27. [27] M. Luo and K. Zhang, "A hybrid approach combining extreme learning machine and sparse representation for image classification", Engineering Applications of Artificial Intelligence, 27, pp.228-235, 2014.
28. [28] G.-B. Huang and L. Chen, "Convex incremental extreme learning machine", Neurocomputing, 70(16-18), pp.3056-3062, 2007.
29. [29] J. Tang, C. Deng, G.-B. Huang and B. Zhao, "Compressed-Domain Ship Detection on Spaceborne Optical Image Using Deep Neural Network and Extreme Learning Machine", IEEE Transactions on Geoscience and Remote Sensing, 53(3), pp.1174-1185, 2015.
30. [30] G.-B. Huang, "An Insight into Extreme Learning Machines: Random Neurons, Random Features and Kernels", Cognitive Computation, 6(3), pp.376-390, 2014.
31. [31] X.-g. Zhao, G. Wang, X. Bi, P. Gong and Y. Zhao, "XML document classification based on ELM", Neurocomputing, 74(16), pp.2444-2451, 2011.
32. [32] G. Wang, Y. Zhao and D. Wang, "A protein secondary structure prediction framework based on the Extreme Learning Machine", Neurocomputing, 72(1-3), pp.262-268, 2008.
33. [33] B. Lu, G. Wang, Y. Yuan and D. Han, "Semantic concept detection for video based on extreme learning machine", Neurocomputing, 102, pp.176-183, 2013.
34. [34] Y. Xu, Z. Y. Dong, J. H. Zhao, P. Zhang and K. P. Wong, "A Reliable Intelligent System for Real-Time Dynamic Security Assessment of Power Systems", IEEE Transactions on Power Systems, 27(3), pp.1253-1263, 2012.
35. [35] K. Choi, K.-A. Toh and H. Byun, "Incremental face recognition for large-scale social network services", Pattern Recognition, 45(8), pp.2868-2883, 2012.
36. [36] L. An and B. Bhanu, "Image Super-Resolution by Extreme Learning Machine", 19th IEEE (Institute of Electrical and Electronics Engineers) International Conference on Image Processing (ICIP), pp.2209-2212, 2012, Orlando, ABD.
37. [37] G.-B. Huang, Q.-Y. Zhu and C.-K. Siew, "Extreme Learning Machine: A New Learning Scheme of Feedforward Neural Networks", Proceedings of IEEE (Institute of Electrical and Electronics Engineers) International Joint Conference on Neural Networks, 2, pp.985-990, 2004.
38. [38] D. Serre, Matrices:Theory and Applications, Springer, New York, 2002.
39. [39] İnternet:http://archive.ics.uci.edu/ml/datasets/Phishing+Websites#, Accessed 24 03 2016.
40. [40] R. M. Mohammad, F. Thabtah and L. McCluskey, "An Assessment of Features Related to Phishing Websites using an Automated Technique", The 7th International Conference for Internet Technology and Secured Transactions (ICITST-2012), pp.492-497, 2012, London.
41. [41] R. M. Mohammad, F. Thabtah and L. McCluskey, "Intelligent rule-based phishing websites classification", IET Information Security, 8(3), pp.153-160, 2014.
42. [42] İnternet:http://archive.ics.uci.edu/ml/machine-learning-databases/00327/, Accessed 24 03 2016.
43. [43] İnternet:http://archive.ics.uci.edu/ml/machine-learning-databases/00327/Training%20Dataset.arff, Accessed 24 03 2016.
44. [44] İnternet:http://archive.ics.uci.edu/ml/machine-learning-databases/00327/Phishing%20Websites%20Features.docx, Accessed 24 03 2016.
45. [45] İnternet:http://who.is/, Accessed 19 04 2016.
46. [46] Y. Pan and X. Ding, "Anomaly Based Web Phishing Page Detection", 22nd Annual Computer Security Applications Conference (ACSAC'06), IEEE (Institute of Electrical and Electronics Engineers) Conference Publications, pp.381-392, 2006, Miami Beach, Florida, USA.
47. [47] İnternet:http://www.alexa.com/, Accessed 14 04 2016.
48. [48] İnternet:https://en.wikipedia.org/wiki/PageRank, Accessed 22 04 2016.
49. [49] İnternet:https://support.google.com/webmasters/answer/40052?hl=en, Accessed 14 04 2016.
50. [50] İnternet:http://backlinko.com/google-ranking-factors, Accessed 14 04 2016.
51. [51] İnternet:http://www.phishtank.com/stats.php, Accessed 19 04 2016.
52. [52] İnternet:https://www.stopbadware.org/top-50, Accessed 19 04 2016.