Hunting Phishing Websites Using a Hybrid Fuzzy-Semantic-Visual Approach

Phishing attack is a serious threat to websites, as this type of attack is simple to implement and easy to deploy, but it is fatal in its execution. The amount of phishing attack cases is skyrocketing over years. Therefore, phishing intelligence is vital for web owners to prevent potential phishing campaigns. These data are currently obtained from community-based services, which require manual submission of suspicious sites and manual inspection to determine which one is truly a phishing site. This type of bureaucratic threat detection is ineffective against phishing attacks, as phishing sites usually vanish after a few hours. Therefore, our works focus on automating the phishing website detection process using machine learning approaches. We have developed an automated system to actively search for suspicious websites, then it extracts and analyzes those websites. The system generates suspicious domains from the original domain using fuzzy algorithms. After that, it extracts the screenshots and HTML of the suspicious websites and compares them with the original website, using a specialized foreground extraction algorithm and GloVe embedding respectively. The similarities are used by a machine learning model to conclude whether a suspicious website is a phishing site or not. Good results have been achieved in the experiments, with an accuracy of 99.75%, s precision of 96.77% and a recall of 96%.