Affordable Access

Access to the full text

Phishing URL Detection Through Top-level Domain Analysis: A Descriptive Approach

  • Christou, Orestis
  • Pitropakis, Nikolaos
  • Papadopoulos, Pavlos
  • McKeown, Sean
  • Buchanan, William J.
Published Article
Publication Date
May 13, 2020
Submission Date
May 13, 2020
DOI: 10.5220/0008902202890298
External links


Phishing is considered to be one of the most prevalent cyber-attacks because of its immense flexibility and alarmingly high success rate. Even with adequate training and high situational awareness, it can still be hard for users to continually be aware of the URL of the website they are visiting. Traditional detection methods rely on blocklists and content analysis, both of which require time-consuming human verification. Thus, there have been attempts focusing on the predictive filtering of such URLs. This study aims to develop a machine-learning model to detect fraudulent URLs which can be used within the Splunk platform. Inspired from similar approaches in the literature, we trained the SVM and Random Forests algorithms using malicious and benign datasets found in the literature and one dataset that we created. We evaluated the algorithms' performance with precision and recall, reaching up to 85% precision and 87% recall in the case of Random Forests while SVM achieved up to 90% precision and 88% recall using only descriptive features.

Report this publication


Seen <100 times