Spotting the Hook: Leveraging Domain Data for Advanced Phishing Detection | IEEE Conference Publication | IEEE Xplore

Spotting the Hook: Leveraging Domain Data for Advanced Phishing Detection


Abstract:

Phishing is a major threat, using deceptive tactics to steal sensitive information such as passwords and financial details. The inventive strategies of cybercriminals cou...Show More

Abstract:

Phishing is a major threat, using deceptive tactics to steal sensitive information such as passwords and financial details. The inventive strategies of cybercriminals coupled with advanced social engineering heighten the difficulties in countering phishing attacks. Traditional blocklisting methods struggle due to the dynamic nature of the Internet and the continuous emergence of new phishing sites. Our research presents an innovative approach to detect phishing domains using machine learning classifiers built upon an extensive array of information combined from DNS records, RDAP servers, TLS certificates, and geolocation data for over 500,000 Internet domains and related IP addresses. Based on a thorough analysis of the data, we propose a fine-tailored vector of 143 unique features that characterize a domain name. We tested the features with seven classification methods and examined their impact on the decision making. The best method achieved a 0.9830 precision rate, an F1 score of 0.9770, and a remarkably low false positive rate of only 0.27%.
Date of Conference: 28-31 October 2024
Date Added to IEEE Xplore: 31 December 2024
ISBN Information:

ISSN Information:

Conference Location: Prague, Czech Republic

Contact IEEE to Subscribe

References

References is not available for this document.