Robust Ensemble Machine Learning Model for Filtering Phishing URLs: Expandable Random Gradient Stacked Voting Classifier (ERG-SVC)

As cyber-attacks grow fast and complicated, the cybersecurity industry faces challenges to utilize state-of-the-art technology and strategies to battle the consistently present malicious threats. Phishing is a sort of social engineering attack produced technically and classified as identity theft an...

Descripción completa

Guardado en:
Detalles Bibliográficos
Autores principales: Pubudu L. Indrasiri, Malka N. Halgamuge, Azeem Mohammad
Formato: article
Lenguaje:EN
Publicado: IEEE 2021
Materias:
NLP
Acceso en línea:https://doaj.org/article/823e60f9eeac44cea8f7163caca7b006
Etiquetas: Agregar Etiqueta
Sin Etiquetas, Sea el primero en etiquetar este registro!
Descripción
Sumario:As cyber-attacks grow fast and complicated, the cybersecurity industry faces challenges to utilize state-of-the-art technology and strategies to battle the consistently present malicious threats. Phishing is a sort of social engineering attack produced technically and classified as identity theft and complicated attack vectors to steal information of internet users. In this perspective, our main objective of this study is to propose a unique, robust ensemble machine learning model architecture that provides the highest prediction accuracy with a low error rate while proposing few other robust machine learning models. Both <italic>supervised</italic> and <italic>unsupervised</italic> techniques were used for the detection process. For our experiments, seven classification algorithms, one clustering algorithm, two ensemble techniques, and two large standard legitimate datasets with 73,575 URLs and 100,000 URLs were used. Two test modes (percentage split, K-Fold cross-validation) were utilized for conducting experiments and final predictions. Mechanisms were developed to (I) identify the best <inline-formula> <tex-math notation="LaTeX">$N$ </tex-math></inline-formula>, which is the optimal heuristic-based threshold value for splitting words into subwords for each classifier, (II) tune hyperparameters for each classifier to specify the best parameter combination, (III) select prominent features using various feature selection techniques, (IV) propose a robust ensemble model (classifier) called the <italic>Expandable Random Gradient Stacked Voting Classifier</italic> (<italic>ERG-SVC</italic>) utilizing a voting classifier along with a model architecture, (V) analyze possible clusters of the dataset using k-means clustering, (VI) thoroughly analyze the <italic>gradient boost</italic> classifier (<italic>GB</italic>) with respect to utilizing the &#x201C;criterion&#x201D; parameter with the Mean Absolute Error (<italic>MAE</italic>), Mean Squared Error (<italic>MSE</italic>), and <italic>Friendman&#x005F;MSE</italic>, and(VII) propose a lightweight preprocessor to reduce computational cost and preprocessing time. Initial experiments were carried out with 46 features; the number of features was reduced to 22 after the experiments. The results show that the <italic>GB</italic> classifier outperformed with the least number of <italic>NLP</italic> based features by achieving a 98.118&#x0025; prediction accuracy. Furthermore, our stacking ensemble model and proposed voting ensemble model (<italic>ERG-SVC</italic>) outperformed other tested approaches and yielded reliable prediction accuracy results in detecting malicious URLs at rates of 98.23&#x0025; and 98.27&#x0025;, respectively.