PhishCatcher: Client-Side Defense Against Web Spoofing Attacks Using Machine Learning

Muzammil Ahmed; Ahmed B. Altamimi; Wilayat Khan; Mohammad Alsaffar; Aakash Ahmad; Zawar Hussain Khan; Abdulrahman Alreshidi

doi:10.1109/ACCESS.2023.3287226

IEEE Access (Jan 2023)

PhishCatcher: Client-Side Defense Against Web Spoofing Attacks Using Machine Learning

Muzammil Ahmed,
Ahmed B. Altamimi,
Wilayat Khan,
Mohammad Alsaffar,
Aakash Ahmad,
Zawar Hussain Khan,
Abdulrahman Alreshidi

Affiliations

Muzammil Ahmed: Department of Electrical and Computer Engineering, COMSATS University Islamabad, Wah Campus, Rawalpindi, Pakistan
Ahmed B. Altamimi: ORCiD; Department of Computer Engineering, University of Ha’il, Ha’il, Saudi Arabia
Wilayat Khan: ORCiD; Department of Electrical and Computer Engineering, COMSATS University Islamabad, Wah Campus, Rawalpindi, Pakistan
Mohammad Alsaffar: ORCiD; Department of Information and Computer Science, University of Ha’il, Ha’il, Saudi Arabia
Aakash Ahmad: School of Computing and Communications, Lancaster University Leipzig, Leipzig, Germany
Zawar Hussain Khan: ORCiD; Department of Electrical and Computer Engineering, University of Victoria, Victoria, BC, Canada
Abdulrahman Alreshidi: ORCiD; Department of Information and Computer Science, University of Ha’il, Ha’il, Saudi Arabia

DOI: https://doi.org/10.1109/ACCESS.2023.3287226
Journal volume & issue: Vol. 11
pp. 61249 – 61263

Abstract

Read online

Cyber security confronts a tremendous challenge of maintaining the confidentiality and integrity of user’s private information such as password and PIN code. Billions of users are exposed daily to fake login pages requesting secret information. There are many ways to trick a user to visit a web page such as, phishing mails, tempting advertisements, click-jacking, malware, SQL injection, session hijacking, man-in-the-middle, denial of service and cross-site scripting attacks. Web spoofing or phishing is an electronic trick in which the attacker constructs a malicious copy of a legitimate web page and request users’ private information such as password. To counter such exploits, researchers have proposed several security strategies but they face latency and accuracy issues. To overcome such issues, we propose and develop client-side defence mechanism based on machine learning techniques to detect spoofed web pages and protect users from phishing attacks. As a proof of concept, a Google Chrome extension dubbed as PhishCatcher, is developed that implements our machine learning algorithm that classifies a URL as suspicious or trustful. The algorithm takes four different types of web features as input and then random forest classifier decides whether a login web page is spoofed or not. To assess the accuracy and precision of the extension, multiple experiments were carried on real web applications. The experimental results show remarkable accuracy of 98.5% and precision as 98.5% from the trials performed on 400 classified phished and 400 legitimate URLs. Furthermore, to measure the latency of our tool, we performed experiments over forty phished URLs. The average recorded response time of PhishCatcher was just 62.5 milliseconds.

Published in IEEE Access

ISSN: 2169-3536 (Online)
Publisher: IEEE
Country of publisher: United States
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering
Website: https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639

About the journal

Abstract

Keywords