Evaluating Techniques for Phishing Detection

Álvarez, M. (2017). Evaluating Techniques for Phishing Detection (MSc ASDF Dissertation). Edinburgh Napier University (Macfarlane, R., Buchanan, B.).


ISBN:
ISSN:

Abstract

Over the last few years, phishing has become an important threat for companies and
other kinds of organisations, making them lose millions of pounds every year. There
are many researches who study different methods to detect and stop these attacks.
Machine learning has been studied for many years, but it was recently that it was included
as part of these studies to detect phishing. Toolbars have also been studied for
the task, as they are the most adequate tool for non-technical skills people. The aim
of this thesis is to study both techniques, carry out experiments with both of them for
the task of detecting phishing websites and then compare them and decide, based on
different metrics, which one has the best performance for the job of phishing detection.
An extensive study on the topic of phishing and cyber security is carried out, as
well as research on previous work on the topic and a more focused analysis on machine
learning and toolbars. A study in Splunk is also included, but no experiments are made
with the help of said tool. Three different experiments are performed, two for testing
machine learning algorithms and the last one for trying out toolbars. The results of
these experiments are presented, discussed and compare to reach the goal of the thesis:
discovering the best technique for detecting phishing.
This thesis presents, after a detailed investigation, the three best machine learning
algorithms for phishing detection, which were found to be Random Forest, Neural Networks
and Support Vector Machines. It also presents the best non-technical solutions
for the task, the browser’s security software, and the best toolbar currently on the
market, based on their accuracy and usability. It also presents a comparison between
both techniques, concluding that a user-friendly tool based on machine learning would
be the best solution for the problem. Finally, a number of possible ideas for further
research are presented.
[Read More]

Authors

Areas of Expertise

Cyber-Security
Electronic information now plays a vital role in almost every aspect of our daily lives. So the need for a secure and trustworthy online infrastructure is more important than ever. without it, not only the growth of the internet but our personal interactions and the economy itself could be at risk.

Associated Projects