To search, Click below search items.


All Published Papers Search Service


Detection of Phishing Websites by Investigating Their URLs using LSTM Algorithm


Barah Mohammed Alanzi and Diaa Mohammed Uliyan


Vol. 22  No. 5  pp. 419-428


Phishing is a criminal mechanism that uses both social engineering and technical tricks to steal consumers' personal identity data and financial account credentials. As the number of web user's increases, phishing frauds are gradually increasing. In order to respond effectively to various phishing mechanism, a proper understanding of phishing attacks is necessary, and some appropriate response methods should be utilized. In this paper, the main aim is to detect a phishing website attack by a suggested machine learning algorithm. First, we need to update a blacklisted URLs and IP for antivirus into the database of our method. The database is known as the ""blacklist"". Second, to avoid blacklist attackers, we need to understand how they use creative techniques to deceive users by modifying the URL to look as legitimate user via obfuscation and many other simple techniques including fast blur, where proxies are automatically generated to host a web page; Algorithm generation of new URLs; etc. A blacklist is a list of many unsafe websites that are accused of fraud, spreading malware, or launching any other form of malicious activity. Having this list is one of the biggest nightmares for website owners because the websites that became part of this list are no longer scanned by web crawlers, and there are no backlinks to create these sites. The first step is to collect benign and phishing URLs. Then, Host-based, popularity-based, and lexical feature extractions are applied to create a database of feature values. Finally, the database is knowledge extracted using various methods of machine learning. An experimental study was conducted using a deep learning algorithm, including long-term memory (LSTM). To analyse the behaviours of these deep learning architectures, extensive experiments were conducted to examine the effect of parameter tuning on the performance accuracy of deep learning models. The experimental results from this paper also show several issues and suggest future research directions related to deep learning in the field of phishing detection.


URL; Phishing website; Machine learning; LSTM; RNN.