Abstract
As a new and potentially devastating form of cyberattack, ‘Phishing’ URLs pose a risk to users by impersonating legitimate websites in an effort to obtain sensitive information such as usernames, passwords, and financial details. At least two-thirds of persons were hit by these phishing assaults in 2016, according to a survey (Gopal et al. in IOP Conference Series: Materials Science and Engineering, vol. 1055, no. 1, p. 012072. IOP Publishing ). Therefore, these attacks must be addressed carefully to prevent financial losses. In order to detect and prevent new kinds of assault, in addition to the ones already in use, a defense mechanism that can learn the possibilities of attacks is required. In the IoT (Internet of Things), everything is managed remotely via a web address (URL). So, intruders can simply gain access to the controls by stealing the URL used to access them from a distant location. To identify and prevent access to phishing sites at the network layer, we offer an approach that combines a deep neural networks (DNN) model with autoencoders. In order to train the model for feature reduction, an autoencoder sends it a dataset that includes both legitimate and phishing domains to analyze. The effectiveness of the suggested approach has been tested on a number of datasets, including Open phish, UCI, Mendeley, and PhishTank. For the multiclassification dataset, these metrics for this design are: 92.89% accuracy, 93.07% recall, 92.75% precision, and 92.21% F1-score.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
S. B. Gopal, C. Poongodi, D. Nanthiya, R. Snega Priya, G. Saran, and M. Sathya Priya. "Mitigating DoS attacks in IoT using supervised and unsupervised algorithms–a survey." in IOP Conference Series: Materials Science and Engineering, vol. 1055, no. 1, p. 012072. IOP Publishing, 2021
K. Nirmal, B. Janet, R. Kumar, Analyzing and eliminating phishing threats in IoT, network and other Web applications using iterative intersection. Peer-to-Peer Netw. Appl. 14, 2327–39 (2021)
B.B. Gupta et al., Fighting against phishing attacks: state of the art and future challenges. Neural Comput. Appl. 28(12), 3629–3654 (2017)
S. Naaz, Detection of phishing in internet of things using machine learning approach. Int. J. Digital Crime Forensics (IJDCF) 13(2), 1–15 (2021)
R.S. Rao, T. Vaishnavi, A.R. Pais, PhishDump: a multi-model ensemble based technique for the detection of phishing sites in mobile devices. Pervasive Mob. Comput. 60, 101084 (2019)
G.D.L.T. Parra et al., Detecting internet of things attacks using distributed deep learning. J. Netw. Comput. Appl. 163, 102662 (2020)
Sahu, K. and S. Shrivastava, Kernel K-means clustering for phishing website and malware categorization. Int. J. Comput. Appl. 2015. 111(9) (2015)
M. Sameen, K. Han, S.O. Hwang, Phishhaven—an efficient real-time AI phishing URLs detection system. IEEE Access 8, 83425–83443 (2020)
J. Feng et al., Web2Vec: phishing webpage detection method based on multidimensional features driven by deep learning. IEEE Access 8, 221214–221224 (2020)
P. Yang, G. Zhao, P. Zeng, Phishing website detection based on multidimensional features driven by deep learning. IEEE Access 7, 15196–15209 (2019)
R. Ravi, A performance analysis of software defined network based prevention on phishing attack in cyberspace using a deep machine learning with CANTINA approach (DMLCA). Comput. Commun. 153, 375–381 (2020)
E.S. Gualberto et al., From feature engineering and topics models to enhanced prediction rates in phishing detection. IEEE Access 8, 76368–76385 (2020)
A.A. Ubing, S.K.B. Jasmi, A. Abdullah, N.Z. Jhanjhi, M. Supramaniam, Phishing website detection: an improved accuracy through feature selection and ensemble learning. Int. J. Adv. Comput. Sci. Appl. (IJACSA) 10(1) (2019)
M. Das et al., Exquisite analysis of popular machine learning–based phishing detection techniques for cyber systems. J. Appl. Sec. Res. 16(4), 538–62 (2021)
J. Mao et al., Phishing page detection via learning classifiers from page layout feature. EURASIP J. Wirel. Commun. Netw. 2019(1), 1–14 (2019)
W. Ali, S. Malebary, Particle swarm optimization-based feature weighting for improving intelligent phishing website detection. IEEE Access 8, 116766–116780 (2020)
R.S. Rao, A.R. Pais, Two level filtering mechanism to detect phishing sites using lightweight visual similarity approach. J. Ambient. Intell. Humaniz. Comput. 11(9), 3853–3872 (2020)
R.S. Rao, A.R. Pais, Detection of phishing websites using an efficient feature-based machine learning framework. Neural Comput. Appl. 31(8), 3851–3873 (2019)
P. Sun, P. Liu, Q. Li, C. Liu, X. Lu, R. Hao, J. Chen, DL-IDS: extracting features using CNN-LSTM hybrid network for intrusion detection system. Sec. Commun. Netw. 28(2020), 1–1 (2020)
K.M. Sundaram et al., Detecting phishing websites using an efficient feature-based machine learning framework. Revista Geintec-Gestao Inovacao E Tecnol. 11(2), 2106–2112 (2021)
K. Kaushik et al., Advanced smart computing technologies in cybersecurity and forensics (CRC Press, London, 2021)
J. Feng, L. Zou, T. Nan, A phishing Webpage detection method based on stacked autoencoder and correlation coefficients. J. Comput. Inf. Technol. 27(2), 41–54 (2019)
S. Douzi, M. Amar, and B. El Ouahidi. Advanced phishing filter using autoencoder and denoising autoencoder. in Proceedings of the International Conference on Big Data and Internet of Thing. 2017
E. Zhu et al., OFS-NN: an effective phishing websites detection model based on optimal feature selection and neural network. IEEE Access 7, 73271–73284 (2019)
Y.A. Alsariera et al., Ai meta-learners and extra-trees algorithm for the detection of phishing websites. IEEE Access 8, 142532–142542 (2020)
M. Priya, L. Sandhya, and C. Thomas. A static approach to detect drive-by-download attacks on webpages. in 2013 International Conference on Control Communication and Computing (ICCC). 2013. IEEE
A.A. Orunsolu, A.S. Sodiya, A.T. Akinwale, A predictive model for phishing detection. J. King Saud Univ. Comput. Inform. Sci. 34(2), 232–47 (2022)
S. Priya, S. Selvakumar, R.L. Velusamy, PaSOFuAC: particle swarm optimization based fuzzy associative classifier for detecting phishing websites. Wirel. Personal Commun. 125(1), 755–84 (2022)
S.H. Ahammad, S.D. Kale, G.D. Upadhye, S.D. Pande, E.V. Babu, A.V. Dhumane, M.D.K.J. Bahadur, Phishing URL detection using machine learning methods. Adv. Eng. Softw. 173, 103288 (2022)
D. Nanthiya, P. Keerthika, S. B. Gopal, S. B. Kayalvizhi, T. Raja, and R. Snega Priya. "SVM based DDoS attack detection in IoT using Iot-23 botnet dataset." in 2021 Innovations in Power and Advanced Computing Technologies (i-PACT), pp. 1–7. IEEE, 2021
Funding
‘The authors declare that no funds, grants, or other support were received during the preparation of this manuscript.’
Author information
Authors and Affiliations
Contributions
All authors contributed in completion of this paper.
Corresponding authors
Ethics declarations
Competing interests
‘The authors have no relevant financial or non-financial interests to disclose.’
Additional information
Publisher’s Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Gopal, S.B., Poongodi, C., Nanthiya, D. et al. Autoencoder-Based Architecture for Identification and Mitigating Phishing URL Attack in IoT Using DNN. J. Inst. Eng. India Ser. B 104, 1227–1240 (2023). https://doi.org/10.1007/s40031-023-00934-8
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s40031-023-00934-8