375
Views
34
Downloads
0
Crossref
N/A
WoS
0
Scopus
N/A
CSCD
As internet technology use is on the rise globally, phishing constitutes a considerable share of the threats that may attack individuals and organizations, leading to significant losses from personal and confidential information to substantial financial losses. Thus, much research has been dedicated in recent years to developing effective and robust mechanisms to enhance the ability to trace illegitimate web pages and to distinguish them from non-phishing sites as accurately as possible. Aiming to conclude whether a universally accepted model can detect phishing attempts with 100% accuracy, we conduct a systematic review of research carried out in 2018–2021 published in well-known journals published by Elsevier, IEEE, Springer, and Emerald. Those researchers studied different Data Mining (DM) algorithms, some of which created a whole new model, while others compared the performance of several algorithms. Some studies combined two or more algorithms to enhance the detection performance. Results reveal that while most algorithms achieve accuracies higher than 90%, only some specific models can achieve 100% accurate results.
As internet technology use is on the rise globally, phishing constitutes a considerable share of the threats that may attack individuals and organizations, leading to significant losses from personal and confidential information to substantial financial losses. Thus, much research has been dedicated in recent years to developing effective and robust mechanisms to enhance the ability to trace illegitimate web pages and to distinguish them from non-phishing sites as accurately as possible. Aiming to conclude whether a universally accepted model can detect phishing attempts with 100% accuracy, we conduct a systematic review of research carried out in 2018–2021 published in well-known journals published by Elsevier, IEEE, Springer, and Emerald. Those researchers studied different Data Mining (DM) algorithms, some of which created a whole new model, while others compared the performance of several algorithms. Some studies combined two or more algorithms to enhance the detection performance. Results reveal that while most algorithms achieve accuracies higher than 90%, only some specific models can achieve 100% accurate results.
D. Goel and A. K. Jain, Mobile phishing attacks and defence mechanisms: State of art and open research challenges, Comput. Secur., vol. 73, pp. 519–544, 2018.
Q. Abu Al-Haija and M. Al-Fayoumi, An intelligent identification and classification system for malicious uniform resource locators (URLs), Neural Comput. Appl., pp. 1–17, 2023.
I. Vayansky and S. Kumar, Phishing - challenges and solutions, Comput. Fraud Secur., vol. 2018, no. 1, pp. 15–20, 2018.
Q. Abu Al-Haija, M. Alohaly, and A. Odeh, A lightweight double-stage scheme to identify malicious DNS over HTTPS traffic using a hybrid learning approach, Sensors, vol. 23, no. 7, pp. 3489, 2023.
R. Butler and M. Butler, Assessing the information quality of phishing-related content on financial institutions’ websites, Inf. Comput. Secur., vol. 26, no. 5, pp. 514–532, 2018.
G. Vrbančič, I. Fister Jr, and V. Podgorelec, Datasets for phishing websites detection, Data Brief, vol. 33, p. 106438, 2020.
A. K. Jain and B. B. Gupta, A machine learning based approach for phishing detection using hyperlinks information, J. Ambient Intell. Humaniz. Comput., vol. 10, no. 5, pp. 2015–2028, 2019.
M. A Adebowale, K. T. Lwin, E. Sánchez, and M. A. Hossain, Intelligent web-phishing detection and protection scheme using integrated images, frames, and text features, Expert Syst. Appl., vol. 115, pp. 300–313, 2019.
A. Zamir, H. U. Khan, T. Iqbal, N. Yousaf, F. Aslam, A. Anjum, and M. Hamdani, Phishing web site detection using diverse machine learning algorithms, Electron. Libr., vol. 38, no. 1, pp. 65–80, 2020.
X. Xiao, D. Zhang, G. Hu, Y. Jiang, and S. Xia, CNN–MHSA: A Convolutional Neural Network and multi-head self-attention combined approach for detecting phishing websites, Neural Netw., vol. 125, pp. 303–312, 2020.
C. Wang, Z. Hu, R. Chiong, Y. Bao, and J. Wu, Identification of phishing websites through hyperlink analysis and rule extraction, Electron. Libr., vol. 38, nos. 5/6, pp. 1073–1093, 2020.
Y. Ahmad Alsariera, V. E. Adeyemo, A. O. Balogun, and A. K. Alazzawi, AI meta-learners and extra-trees algorithm for the detection of phishing websites, IEEE Access, vol. 8, pp. 142532–142542, 2020.
M. A. Adebowale, K. T. Lwin, and M. A. Hossain, Intelligent phishing detection scheme using deep learning algorithms, J. Enterp. Inf. Manag., vol. 36, no. 3, pp. 747–766, 2023.
M. Arshey and K. S. Angel Viji, An optimization-based deep belief network for the detection of phishing e-mails, Data Technol. Appl., vol. 54, no. 4, pp. 529–549, 2020.
A. O. Balogun, K. S. Adewole, M. O. Raheem, O. N. Akande, F. E. Usman-Hamza, M. A. Mabayoje, A. G. Akintola, A. W. Asaju-Gbolagade, M. K. Jimoh, R. G. Jimoh, et al., Improving the phishing website detection using empirical analysis of Function Tree and its variants, Heliyon, vol. 7, no. 7, p. e07437, 2021.
D. J. Liu, G. G. Geng, X. B. Jin, and W. Wang, An efficient multistage phishing website detection model based on the CASE feature framework: Aiming at the real web environment, Comput. Secur., vol. 110, p. 102421, 2021.
This work is available under the CC BY-NC-ND 3.0 IGO license:https://creativecommons.org/licenses/by-nc-nd/3.0/igo/