SRM INSTITUTE OF SCIENCE AND TECHNOLOGY

SCHOOL OF COMPUTING
DEPARTMENT OF COMPUTING TECHNOLOGIES
18CSP107L / 18CSP108L - MINOR PROJECT /
INTERNSHIP

PHISHING URL DETECTION

Guide name: Dr. Indhumathi Batch ID: 2

R
Student 1 Reg. No: RA2111003010980
Designation: Associate Professor Student 1 Name: V.Akhilesh

Department: C.Tech
Student 2 Reg. No: RA2111003011010
Student 2 Name: Yellanti Punith Chowdary
 ABSTRACT
Phishing is a type of online fraud where perpetrators send deceptive
communications that appear to originate from a trustworthy source,
often containing links or attachments that can steal personal
information or install malware. Traditionally, phishing attacks were
executed through mass spam campaigns, targeting large groups to
trick individuals into clicking malicious links. To combat these
attacks, machine learning techniques can identify phishing attempts by
analyzing submitted URLs. This study focuses on using Random
Forest and Decision Tree classifiers to differentiate between phishing
and legitimate URLs. The proposed method achieved classification
accuracies of 87.0% with Random Forest and 82.4% with Decision
Trees, demonstrating the effectiveness of these techniques in
identifying phishing threats.

2
INTRODUCTION
Phishing URL detection is crucial in
cybersecurity for identifying and
preventing fraudulent websites that steal
sensitive information. As internet use
increases, so do phishing attacks, posing
significant risks. These deceptive URLs
mimic legitimate sites to trick users into
divulging personal data. By leveraging
machine learning and data analysis,
phishing URL detection systems can
accurately differentiate between genuine
and malicious websites. This project aims
to develop robust algorithms and models
to enhance the accuracy and efficiency of
detecting phishing URLs, contributing to a
safer digital environment.

3
Advanced features such as URL characteristics, website content, and
server behavior are analyzed to build comprehensive detection
mechanisms. Machine learning algorithms, including classification
and clustering techniques, are employed to create models capable of
identifying patterns and anomalies indicative of phishing attempts.
Feature extraction and selection play a pivotal role in enhancing the
detection accuracy, as relevant features such as domain age, URL
length, and the presence of suspicious keywords are scrutinized. The
project also explores real-time detection methods to provide instant
warnings to users, thereby minimizing the risk of data breaches. By
continuously updating the detection models with new phishing
tactics, this project ensures adaptability to evolving cyber threats. 4
 EXISTING SYSTEM

In the current landscape, several systems and methods are employed to detect
phishing attacks. These systems typically fall into three main categories: blacklist-
based, heuristic-based, and machine learning-based approaches.
1. Blacklist-Based Approaches:
• Maintain a database of known phishing URLs.
• Checks user-visited URLs against the blacklist; flags malicious ones.
• Straightforward and easy to implement.
• Requires constant updates; limited coverage for new, unknown threats; higher false
negatives.
2. Heuristic-Based Approaches:
• Use predefined rules/patterns to detect phishing.
• URL structure, suspicious keywords, domain age.
• Can effectively identify certain phishing types.
• Relies on manually defined rules; may not generalize well; potential for false positives.
3. Machine Learning-Based Approaches:
• Analyze data and learn patterns to detect phishing.
• Random Forest, Decision Trees, SVM, Neural Networks.
• Can adapt to new phishing strategies; high accuracy.
• Requires significant computational resources and data for training.
5
 PROBLEM STATEMENT AND
BJECTIVES

The increase in internet usage has led to a rise in phishing attacks, which steal
sensitive information through deceptive URLs. Traditional methods like
blacklist-based and heuristic-based approaches have limitations, such as the
need for constant updates and high false positive and negative rates. There is a
need for a robust and efficient system to accurately detect phishing URLs in
real-time. This project aims to use machine learning techniques to analyze
URL features, domain information, and content to build a model that
distinguishes between legitimate and malicious websites. The goal is to
enhance cybersecurity by providing a reliable phishing URL detection system.

6
Objectives:
• Develop a Robust Detection Model: Create a machine learning model
that effectively distinguishes between phishing and legitimate URLs using
various features such as URL characteristics, domain information, and
website content and enhancing cybersecurity.
• Feature Analysis and Selection: Identify and analyze key features
relevant to phishing detection, including URL length, domain age,
suspicious keywords, and SSL certificates.
• Implement Machine Learning Algorithms: Utilize machine learning
techniques such as Random Forest and Decision Trees to build and train
the detection model, optimizing for accuracy and efficiency.
• Evaluate Model Performance: Assess the performance of the developed
model using metrics like accuracy, precision, recall, and F1-score, and
compare it with existing methods to ensure its effectiveness.
• User-Friendly Interface: Design and implement an intuitive interface for
users to interact with the detection system, providing clear and
actionable feedback on potential phishing attempts.
7
 PROPOSED SYSTEM
• Dynamic Dataset Creation
• Utilizes both phishing and legitimate login websites to generate a
comprehensive dataset.
• Machine Learning Integration(XGBOOST): Trains ML algorithms to
detect new and unreported phishing URLs . Adapts to evolving phishing
strategies.
• Proactive and Adaptive Approach: Keeps pace with emerging threats.
Provides insights on changing attacker tactics and phishing methods.
• Higher Detection Accuracy: Capable of identifying previously
unreported phishing URLs.
• Real-Time Adaptation: Continuously updates to counter new phishing
techniques.
• Comprehensive Protection: Offers a flexible and robust defense against
phishing attacks.
8
 System Architecture

Data Collection:
Gathers URLs and website information from the internet.
Tools Used: Web scraping and APIs.
Feature Extraction:
Analyzes URLs and website content to pull out important details, like URL length and suspicious
keywords.
Tools to be Used: Parsing and analysis tools.
Machine Learning:
Uses algorithms to train a model that can tell if a URL is a phishing attempt or not.
Tools to be Used: Algorithms like Random Forest and Decision Trees.
Real-Time Detection and User Interface:
Provides instant results on whether a URL is safe or phishing and shows this information to
users or systems.
Tools to be Used: Detection engine and user-friendly interface.
9
10
11
12
 REFERENCES
Phishing Websites Dataset. (2022). Retrieved from
https://www.example.com/phishing-dataset.

National Cyber Security Centre. (2023). "Phishing Scams." Retrieved from

https://www.ncsc.gov.uk/section/information-for/individuals-families/phishing.

PhishTank. (2023). "Phishing Database. Retrieved from https://www.phishtank.com/.

Kaggle. (2023). "Phishing Websites Dataset. Retrieved from

https://www.kaggle.com/datasets/siddharths22/phishing-websites-dataset

OpenAI. (2024). "ChatGPT: A Large Language Model. Retrieved from

https://www.openai.com/chatgpt.

"Detecting phishing websites using machine learning technique”.Retrieved from

https://journals.plos.org/plosone/article?id=10.1371/journal.pone.0258361

Phishing URL Detection Using Machine Learning and Deep Learning"

https://www.nature.com/articles/s41598-023-37552-9

13