Phishing Website Detection With Semantic Features Based on Machine Learning Classifiers: A Comparative Study

Abstract

The phishing attack is one of the main cybersecurity threats in web phishing and spear phishing. Phishing websites continue to be a problem. One of the main contributions to the study was working and extracting the URL and domain identity feature, abnormal features, HTML and JavaScript features, and domain features as semantic features to detect phishing websites, which makes the process of classification using those semantic features more controllable and more effective. The current study used the machine learning model algorithms to detect phishing websites, and comparisons were made. The authors have used 16 machine learning models adopted with 10 semantic features that represent the most effective features for the detection of phishing webpages extracted from two datasets. The GradientBoostingClassifier and RandomForestClassifier had the best accuracy based on the comparison results (i.e., about 97%). In contrast, GaussianNB and the stochastic gradient descent (SGD) classifier represent the lowest accuracy results, 84% and 81% respectively, in comparison with other classifiers.