Web Kimlik Avı Tespiti için Yeni Bir DEA-ELM Hibrit Yöntemi

Yıl 2025, Cilt: 12 Sayı: 27, 390 - 402, 24.12.2025

Yasin Sönmez , Süleyman Dal

https://doi.org/10.54365/adyumbd.1752606

Öz

Oltalama saldırıları, kullanıcıların hassas bilgilerini çalmak için aldatıcı web sayfaları kullanan yaygın bir siber güvenlik tehdididir. Bu çalışmada, oltalama web sitesi tespiti için Diferansiyel Evrim Algoritmaları (DEA) ile Aşırı Öğrenme Makineleri (ELM) çerçevesini entegre eden yeni bir sınıflandırma modeli öneriyoruz. Yaklaşım, özellikler arası sinyal iyileştirme için bir DEA mekanizması sunar ve bunu DEA aracılığıyla optimize edilmiş bir ELM ile birleştirir. Önerilen DEA-ELM modeli, Web Sayfası Kimlik Avı Tespit veri kümesi üzerinde değerlendirilmiştir. Random Forest, Lojistik Regresyon, Destek Vektör Makinesi (SVM) ve Karar Ağacı gibi geleneksel makine öğrenmesi modelleri %93 ile %97 arasında doğruluk sağlarken, önerilen DEA-ELM modeli %99,86 doğruluk oranı elde etmiştir; ayrıca yüksek kesinlik, geri çağırma ve F1 skoru metrikleri sunmuştur. %93 ile %97 arasında doğruluk elde eden Rastgele Orman, Lojistik Regresyon, Destek Vektör Makinesi ve Karar Ağacı gibi geleneksel makine öğrenimi modelleriyle karşılaştırıldığında, önerilen DEA-ELM modeli yüksek hassasiyet, geri çağırma ve F1 puanı ölçümleri sunmuştur. Bu sonuçlar, ölçeklenebilir, doğru ve gerçek zamanlı kimlik avı tespit sistemleri oluşturmada DEA için optimize edilmiş ELM'nin DEA analiziyle birleştirilmesinin potansiyelini doğrulamaktadır.

Anahtar Kelimeler

Kimlik Avı Tespiti , Siber Güvenlik , Makine Öğrenmesi

A Novel DEA-ELM Hybrid Method for Web Phishing Detection

Öz

Phishing attacks are a pervasive cybersecurity threat, using deceptive web pages to steal users' sensitive information. Detecting phishing sites with high precision and efficiency is crucial for building effective countermeasures. In this study, we propose a novel classification model that integrates a Differential Evolution Algorithms (DEA) with Extreme Learning Machines (ELM) framework for phishing website detection. The approach introduces a DEA mechanism for inter-feature signal enhancement and couples it with an ELM, optimized through a DEA. The proposed DEA-ELM model was evaluated on the Web Page Phishing Detection dataset, Compared to traditional machine learning models such as Random Forest, Logistic Regression, Support Vector Machine (SVM), and Decision Tree, which achieved accuracies between 93% and 97%, the proposed DEA-ELM model achieved a remarkable 99.86% accuracy, along with high precision, recall, and F1-score metrics. These results confirm the potential of DEA-optimized ELM combined with DEA analysis in creating scalable, accurate, and real-time phishing detection systems. The model also provides a reproducible framework by using publicly available data and open-source feature extraction scripts. Future work may explore hybrid feature selection strategies, larger-scale deployment, and online learning extensions.

Anahtar Kelimeler

Phishing Detection , Cyber Security , Machine Leerning

Kaynakça

• Safi A, Singh S. A systematic literature review on phishing website detection techniques. J King Saud Univ Comput Inf Sci 2023;35(2):590-611.
• Ahammad SKH, et al. Phishing URL detection using machine learning methods. Adv Eng Softw 2022;173:103288.
• Nanda M, Saraswat M, Sharma PK. Enhancing cybersecurity: A review and comparative analysis of convolutional neural network approaches for detecting URL-based phishing attacks. e-Prime Adv Electr Eng Electron Energy 2024;8:100533.
• Saha I, et al. Phishing attacks detection using deep learning approach. In: 2020 Third Int Conf Smart Syst Invent Technol (ICSSIT). IEEE; 2020.
• Suleman MT, Awan SM. Optimization of URL-based phishing websites detection through genetic algorithms. Autom Control Comput Sci 2019;53(4):333-341.
• Shoaib M, Umar MS. Managing security issues in phishing using machine learning techniques. Procedia Comput Sci 2025;259:581-590.
• Shombot ES, et al. An application for predicting phishing attacks: A case of implementing a support vector machine learning model. Cyber Secur Appl 2024;2:100036.
• Hannousse A, Yahiouche S. Towards benchmark datasets for machine learning based website phishing detection: An experimental study. Eng Appl Artif Intell 2021;104:104347.
• Sánchez-Paniagua M, et al. Phishing websites detection using a novel multipurpose dataset and web technologies features. Expert Syst Appl 2022;207:118010.
• Alani MM, Tawfik H. PhishNot: A cloud-based machine-learning approach to phishing URL detection. Comput Netw 2022;218:109407.
• Bahaghighat M, Ghasemi M, Ozen F. A high-accuracy phishing website detection method based on machine learning. J Inf Secur Appl 2023;77:103553.
• Ojewumi TO, et al. Performance evaluation of machine learning tools for detection of phishing attacks on web pages. Sci Afr 2022;16:e01165.
• Shafin SS. An explainable feature selection framework for web phishing detection with machine learning. Data Sci Manag 2024.
• Bensaoud A, Kalita J, Bensaoud M. A survey of malware detection using deep learning. Mach Learn Appl 2024;16:100546.
• Alrefaai S, Özdemir G, Mohamed A. Detecting phishing websites using machine learning. In: 2022 Int Congr Human-Comput Interact Optim Robot Appl (HORA). IEEE; 2022.
• Gürfidan R. Intelligent methods in cyber defence: Machine learning based phishing attack detection on web pages. Mühendislik Bilimleri ve Tasarım Dergisi 2024;12(2):416-429.
• Birthriya SK, Ahlawat P, Jain AK. Phishing website detection with XGBoost and adaptive hyperparameter optimization using the bat algorithm. Procedia Comput Sci 2025;258:1774-1782.
• Birthriya SK, Ahlawat P, Jain AK. Intelligent phishing website detection: A CNN-SVM approach with nature-inspired hyperparameter tuning. Cyber Secur Appl 2025;100100.
• Alshingiti Z, et al. A deep learning-based phishing detection system using CNN, LSTM, and LSTM-CNN. Electronics 2023;12(1):232.
• Al Tawil A, et al. Comparative analysis of machine learning algorithms for email phishing detection using tf-idf, word2vec, and bert. Comput Mater Contin 2024;81:3395.
• Ahammad SKH, et al. Phishing URL detection using machine learning methods. Adv Eng Softw 2022;173:103288.
• Toğaçar M. Web sitelerinde gerçekleştirilen oltalama saldırılarının yapay zekâ yaklaşımı ile tespiti. BEÜ Fen Bilimleri Dergisi 2021;10(4):1603-1614.
• Hashim A, Medani R, Attia TA. Defences against web application attacks and detecting phishing links using machine learning. In: 2020 Int Conf Comput Control Electr Electron Eng (ICCCEEE). IEEE; 2020.
• Shafin SS. An explainable feature selection framework for web phishing detection with machine learning. Data Sci Manag 2025;8:127-136.
• Nanda M, Saraswat M, Sharma PK. Enhancing cybersecurity: A review and comparative analysis of convolutional neural network approaches for detecting URL-based phishing attacks. e-Prime Adv Electr Eng Electron Energy 2024;8:100533.
• Kumar PP, Jaya T, Rajendran V. SI-BBA – A novel phishing website detection based on swarm intelligence with deep learning. Mater Today Proc 2023;80:3129-3139.
• Greco F, Desolda G, Buono P, Piccinno A. Enhancing phishing defenses: The impact of timing and explanations in warnings for email clients. Comput Stand Interfaces 2025;93:103982.
• Storn R, Price K. Differential evolution – A simple and efficient heuristic for global optimization over continuous spaces. J Glob Optim 1997;11(4):341-359.
• Das S, Suganthan PN. Differential evolution: A survey of the state-of-the-art. IEEE Trans Evol Comput 2011;15(1):4-31.
• Yang C, Luan J. A novel differential evolution algorithm with multi-population and elites regeneration. PLOS One 2024;19(4):e0302207.
• Cornell University Optimization Wiki. Differential evolution. Wikipedia 2025.
• Wang J, Lu S, Wang SH, Zhang YD. A review on extreme learning machine. Multimed Tools Appl 2022;81(29):41611-41660.
• Huang GB, Wang DH, Lan Y. Extreme learning machines: A survey. Int J Mach Learn Cybern 2011;2:107-122.
• Niu WJ, Feng ZK, Feng BF, Min YW, Cheng CT, Zhou JZ. Comparison of multiple linear regression, artificial neural network, extreme learning machine, and support vector machine in deriving operation rule of hydropower reservoir. Water 2019;11(1):88.
• Diker A, Sönmez Y, Özyurt F, Avcı E, Avcı D. Examination of the ECG signal classification technique DEA-ELM using deep convolutional neural network features. Multimed Tools Appl 2021;80:24777-24800.
• Engelbrecht AP. Computational intelligence: An introduction. Wiley; 2007.
• Karcı A. Differential evolution algorithm and its variants. Comput Sci 2017;2(1):10-14.
• Qin AK, Huang VL, Suganthan PN. Differential evolution algorithm with strategy adaptation for global numerical optimization. IEEE Trans Evol Comput 2008;13(2):398-417.
• Yang WA, Zhou Q, Tsui KL. Differential evolution-based feature selection and parameter optimisation for extreme learning machine in tool wear estimation. Int J Prod Res 2016;54(15):4703-4721.
• Krstinić D, Braović M, Šerić L, Božić-Štulić D. Multi-label classifier performance evaluation with confusion matrix. Comput Sci Inf Technol 2020;1:1-14.
• Hannousse A, Yahiouche S. Web page phishing detection. Mendeley Data 2021;3.
• Krstinić D, Braović M, Šerić L, Božić-Štulić D. Multi-label classifier performance evaluation with confusion matrix. Comput Sci Inf Technol 2020;1:1-14.
• Abdalla G, Özyurt F. Sentiment analysis of fast food companies with deep learning models. Comput J 2021;64(3):383-390.
• Subasi A, Mitra A, Ozyurt F, Tuncer T. Automated COVID-19 detection from CT images using deep learning. In: Comput-Aided Des Diagn Methods Biomed Appl. 2021. p. 153-176.
• Tuncer T, Aydemir E, Ozyurt F, Dogan S. A deep feature warehouse and iterative MRMR based handwritten signature verification method. Multimed Tools Appl 2022;81:3899-3913.
• Kumar S, et al. Mlspd-machine learning based spam and phishing detection. In: Int Conf Comput Social Netw. Springer; 2018.
• Babagoli M, Pourmahmood Aghababa M, Solouk V. Heuristic nonlinear regression strategy for detecting phishing websites. Soft Comput 2019;23(12):4315-4327.
• Rao RS, Pais AR, Anand P. A heuristic technique to detect phishing websites using TWSVM classifier. Neural Comput Appl 2021;33(11):5733-5752.
• Alsariera YA, et al. AI meta-learners and extra-trees algorithm for the detection of phishing websites. IEEE Access 2020;8:142532-142542.
• Azeez NA, et al. Adopting automated whitelist approach for detecting phishing attacks. Comput Secur 2021;108:102328.
• Rashid J, et al. Phishing detection using machine learning technique. In: 2020 1st Int Conf Smart Syst Emerg Technol (SMARTTECH). IEEE; 2020.
• Sahingoz OK, et al. Machine learning based phishing detection from URLs. Expert Syst Appl 2019;117:345-357.
• Sindhu S, et al. Phishing detection using random forest, SVM and neural network with backpropagation. In: 2020 Int Conf Smart Technol Comput Electr Electron (ICSTCEE). IEEE; 2020.
• Prince MSM, Hasan A, Shah FM. A new ensemble model for phishing detection based on hybrid cumulative feature selection. In: 2021 IEEE 11th Symp Comput Appl Ind Electron (ISCAIE). IEEE; 2021.
• Anupam S, Kar AK. Phishing website detection using support vector machines and nature-inspired optimization algorithms. Telecommun Syst 2021;76(1):17-32.