A hybrid deep learning technique for spoofing website URL detection in real-time applications

Bridget C. Ujah-Ogbuagu; Oluwatobi Noah Akande; Emeka Ogbuju

doi:10.1186/s43067-023-00128-8

Journal of Electrical Systems and Information Technology (Jan 2024)

A hybrid deep learning technique for spoofing website URL detection in real-time applications

Bridget C. Ujah-Ogbuagu,
Oluwatobi Noah Akande,
Emeka Ogbuju

Affiliations

Bridget C. Ujah-Ogbuagu: Department of Science and Technology, Centre for Strategic, Research and Studies, National Defence College
Oluwatobi Noah Akande: Department of Computer Science, Baze University
Emeka Ogbuju: Department of Computer Science, FU Lokoja

DOI: https://doi.org/10.1186/s43067-023-00128-8
Journal volume & issue: Vol. 11, no. 1
pp. 1 – 13

Abstract

Read online

Abstract Website Uniform Resource Locator (URL) spoofing remains one of the ways of perpetrating phishing attacks in the twenty-first century. Hackers continue to employ URL spoofing to deceive naïve and unsuspecting consumers into releasing important personal details in malicious websites. Blacklists and rule-based filters that were once effective at reducing the risks and sophistication of phishing are no longer effective as there are over 1.5 million new phishing websites created monthly. Therefore, research aimed at unveiling new techniques for detecting phishing websites has sparked a lot of interest in both academics and business with machine and deep learning techniques being at the forefront. Among the deep learning techniques that have been employed, Convolutional Neural Network (CNN) remains one of the most widely used with high performance in feature learning. However, CNN has a problem of memorizing contextual relationships in URL text, which makes it challenging to efficiently detect sophisticated malicious URLs in real-time applications. On the contrary, Long Short-Term Memory (LSTM) deep learning model has been successfully employed in complex real-time problems because of its ability to store inputs for a long period of time. This study experiments with the use of hybrid CNN and LSTM deep learning models for spoofing website URL detection in order to exploit the combined strengths of the two approaches for a more sophisticated spoofing URL detection. Two publicly available datasets (UCL spoofing Website and PhishTank Datasets) were used to evaluate the performance of the proposed hybrid model against other models in the literature. The hybrid CNN-LSTM model achieved accuracies of 98.9% and 96.8%, respectively, when evaluated using the UCL and PhishTank datasets. On the other hand, the standalone CNN and LSTM achieved accuracies of 90.4% and 94.6% on the UCL dataset, while their accuracies on the PhishTank dataset were 89.3% and 92.6%, respectively. The results show that the hybrid CNN-LSTM algorithm largely outperformed the standalone CNN and LSTM models, which demonstrates a much better performance. Therefore, the hybrid deep learning technique is recommended for detecting spoofing website URL thereby reducing losses attributed to such attacks.

Published in Journal of Electrical Systems and Information Technology

ISSN: 2314-7172 (Online)
Publisher: SpringerOpen
Country of publisher: United Kingdom
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering; Technology: Technology (General): Industrial engineering. Management engineering: Information technology
Website: https://jesit.springeropen.com/

About the journal

Abstract

Keywords