Web Spoofing Prevention: Machine Learning Based Client-Side Defence

In today's digital landscape, safeguarding users' sensitive information like passwords and PIN codes presents a formidable challenge in cybersecurity. Every day, billions of users encounter deceptive tactics aimed at luring them to fraudulent login pages, where their confidential data is s...

Full description

Saved in:
Bibliographic Details
Published in2024 2nd International Conference on Sustainable Computing and Smart Systems (ICSCSS) pp. 1098 - 1104
Main Authors Chanakya, G., Spoorthi, Mareddy, Kumar, Racha Sanjay, Reddy, Jakka Yashwanth, Chowdary, B.V., Kumar, Reddy Dheeraj
Format Conference Proceeding
LanguageEnglish
Published IEEE 10.07.2024
Subjects
Fraudulent login pages
Machine learning algorithms
Phish Catcher
Phishing
Random Forest classifier
SQL injection
Surveys
Systematics
Uniform resource locators
web features analysis
Web pages
Online AccessGet full text
DOI10.1109/ICSCSS60660.2024.10624881

Cover

More Information
Summary:In today's digital landscape, safeguarding users' sensitive information like passwords and PIN codes presents a formidable challenge in cybersecurity. Every day, billions of users encounter deceptive tactics aimed at luring them to fraudulent login pages, where their confidential data is solicited. These tactics range from phishing emails and enticing advertisements to more sophisticated attacks like click-jacking, malware, SQL injection, and session hijacking. One particularly insidious form of cyber threat is web spoofing or phishing, where attackers create counterfeit versions of legitimate websites to trick users into divulging their private information. To address these challenges, this study has developed a client-side defence mechanism leveraging advanced machine learning techniques. The proposed solution aims to detect spoofed web pages and shield users from phishing attacks effectively. As a proof of concept, this study has introduced a Google Chrome extension called PhishCatcher, which integrates the machine learning algorithm. This algorithm analyses a range of web features and employs a Random Forest (RF) classifier to determine whether a login page is likely to be spoofed. To validate the efficacy of our extension, we conducted multiple experiments using real web applications. The results speak volumes: an impressive accuracy and precision rate of 98.5% were achieved from trials involving 400 classified phishing URLs and 400 legitimate URLs. Moreover, to assess the tool's responsiveness, this study has conducted latency tests on forty phishing URLs, revealing an average response time of just 62.5 milliseconds. Overall, the innovative approach not only offers a robust defence against phishing attacks but also demonstrates remarkable efficiency in safeguarding users' online credentials.
DOI:10.1109/ICSCSS60660.2024.10624881