Automated Phishing Detection: A Noval Machine Learning Approach

Abstract

This research contributes a novel machine learning-based approach to cybersecurity, enhancing defenses against phishing and protecting users from emerging online threats. Phishing is an increasingly pervasive cybersecurity threat that exploits user trust by creating fraudulent websites that imitate legitimate ones to steal sensitive information, such as usernames, passwords, and financial details. These deceptive sites use visual and linguistic elements from authentic brands, making them difficult to distinguish from trusted sources and increasing the likelihood of successful attacks. As phishing tactics evolve alongside technological advancements, there is a critical need for robust, adaptive anti-phishing solutions. This research investigates the application of machine learning to enhance phishing detection, focusing on a model that uses the Gradient Boosting Classifier to identify phishing websites based on key URL features. This approach involves extracting unique characteristics that differentiate phishing URLs from genuine ones, enabling real-time classification and improved detection accuracy. The proposed method systematically analyzes URL features, comparing and contrasting aspects such as domain structure, syntax, and use of brand elements to accurately identify malicious sites. The model achieved 97.6% accuracy, demonstrating high classification correctness. With a precision of 96.5%, it effectively minimizes false positives, reducing legitimate URL misclassifications. A recall of 98.1% highlights its sensitivity in identifying phishing URLs, and an F1 score of 97.3% balances precision and recall, underscoring its reliability. These results validate the Gradient Boosting Classifier as an effective, adaptable tool against advanced phishing tactics.