DETECTING PHISHING WEBSITES USING MACHINE learning
DETECTING PHISHING WEBSITES USING MACHINE LEARNING
Phishing is a rapidly rising cyber menace that costs internet users billions of dollars each year. It is an illegal activity that involves a group of people.
Social engineering and technology are used to obtain sensitive information from Internet users. Phishing strategies can be identified using a variety of communication methods such as email, instant chats, pop-up messages, or at the web page level.
Several study articles have been published over the years using various methodologies and procedures, but they have failed to discover all connected dangers and provide a comprehensive solution.
While it is widely assumed that a successful phishing assault requires the creation of identical messages or websites to deceive the internet user, this idea has not been used to evaluate this danger and study the gaps systematically.
Our research aims to evaluate this crime, review different research views and techniques, investigate gaps, and propose a workable remedy.
INTRODUCTION TO CHAPTER ONE
1.1 BACKGROUND OF THE STUDY
It is critical for all computer and internet users to maintain information safe and secure, and to prevent the occurrence of fraud to a bare minimum when visiting various websites.
Phishing is a problem that has been recognised since the dawn of the internet age, and it is one of the most difficult to prevent and control.
Phishing is a cybercrime in which a target or targets are contacted via email, phone, or text message by someone impersonating a legitimate institution in order to trick individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.
The information is then utilised to get access to critical accounts, which can lead to identity theft and financial loss.
The first phishing case was brought in 2004 against a California teenager who imitated the website “America Online.”
He was able to obtain sensitive information from individuals and access credit card credentials in order to withdraw money from their accounts using this bogus website.
Aside from email and internet phishing, there is also ‘vishing' (voice phishing),'smishing' (SMS phishing), and a variety of additional phishing techniques that hackers are continually developing.
The study intends to concentrate on the various methods of phishing and potential solutions in the form of machine learning-based software.
1.2 STATEMENT OF THE PROBLEM
Phishing was previously defined as a deceptive attempt to obtain sensitive data in order to commit a crime. Phishing sites can be difficult to identify by the average user unless the user knows the specific URL, which can be time-consuming.
In this situation, we'd build an artificially intelligent machine learning system to detect this with near-perfect accuracy.
1.3 MOTIVATION OF THE STUDY'
The loss of millions of dollars owing to fraudsters operating phoney versions of data gathering websites, as well as the necessity for a safer internet experience as we move in the internet and communication age, drove this study.
1.4 AIMS AND OBJECTIVES OF STUDY
This system's goals and objectives include the following:
Making progress on a phishing detection system.
Developing a reporting facility allowing other platform users to report bogus websites in order to expand the knowledge base.
Examining past work on the proposed topic for ways to improve it.
The system is being optimised.
System security requirements are being implemented.
Developing a system that can also make suggestions to visitor users
1.5 METHODOLOGY SUMMARY
This idea and project were implemented using the server-side programming language PHP and the MySQL database querying language.
1.6 SCOPE OF THE STUDY
As time passes, the system's scope expands. The system incorporates user feedback into the knowledge base. It also employs specific algorithms to detect fraudulent websites, particularly those that are frequently phished.
1.7 SIGNIFICANCE OF THE STUDY
The study is significant in that it can help to lower the number of people who fall for phoney websites and submit their information to them.
It is quite beneficial for folks who do not have unlimited time to carefully discover exact URLs in order to validate the addresses.
1.8 OPERATIONAL DEFINITION OF TERMS
PHISHING:A type of internet scam in which thieves mimic reputable organisations through email, text message, advertisement, or other means in order to steal sensitive information.
CYBERCRIME: Cybercrime is defined as any criminal action that targets or uses a computer, computer network, or networked device.
Most, but not all, cybercrime is done by cybercriminals or hackers seeking financial gain. Individuals or organisations commit cybercrime.
A URL, or universal resource locator, contains the protocol (for example, HTTP or FTP), the domain name (or IP address), and additional path information (folder/file). A URL on the Web can point to a Web page file, an image file, or any other file supported by the HTTP protocol.
1.9 ORGANISATION OF THE PROJECT
Chapter One provides a brief introduction in the form of the Background of the Study of a basic review of the notion of phishing and the combative tactics against it.
The fourth chapter describes the project's implementation utilising the relevant programming languages and development processes.
It also includes the results of the testing. Chapter Five concludes the project work by providing a summary, findings, and recommendations for future work.