Authors: Nikhil Kumar, Shekhar Kumar Purbe, Dr. Jyoti Gautam
Abstract: Phishing attacks are now considered to be the greatest cyber security threats in online banking, mobile wallet, and other online financial systems. Attackers launch such attacks not only exploit the vulnerabilities in systems but also exploit human factors to steal sensitive financial information and cause huge monetary losses and destroy users’ credibility. Current defense strategies are blacklist based URL filtering and static rules based detection, which are unable to cope with modern phishing attacks. Modern phishing attacks are carried out by employing advanced techniques such as domain spoofing, adversary-in-the-middle (AiTM) attacks, and dynamic web contents . This paper proposes a multi-layered intelligent phishing detection architecture to defend online banking platforms. The proposed system uses URL analysis, content inspection, and transaction behavior analysis to protect online banking systems from different angles. The system uses machine learning algorithms such as Random Forest, Support Vector Machine, and Logistic Regression to classify phishing attacks based on the features extracted from URL, web pages, and user transactions. Unlike previous approaches which only use single layer detection, this paper proposes a hybrid system architecture with real-time detection and behavioral analysis to detect phishing attacks. The system is trained with datasets collected from multiple repositories which are publicly available phishing repositories. The experimental results show that the model trained by the proposed method achieves an accuracy of 96.5% with high precision and recall and low latency to be applied in real-time systems. The system also provides an alert and response mechanism to notify users and stop fraudulent transactions as soon as possible.
DOI: https://doi.org/10.5281/zenodo.19762735
