Publication detail
HRANICKÝ, R. HORÁK, A. POLIŠENSKÝ, J. JEŘÁBEK, K. RYŠAVÝ, O.
Original title
Unmasking the Phishermen: Phishing Domain Detection with Machine Learning and Multi-Source Intelligence
Type
article in proceedings not indexed in WoS or Scopus
Language
English
Original abstract
In the digital landscape, phishing attacks have rapidly evolved into a major cybersecurity challenge, posing significant risks to individuals and organizations. This short paper presents our preliminary research on detecting phishing domains. Our approach amalgamates intelligence from multiple sources: DNS servers, WHOIS/RDAP, TLS certificates, and GeoIP data. We created a rich 15.8 GB dataset of information about benign and phishing domains, from which we derived a comprehensive 80-feature vector for training and testing machine learning classifiers. We propose preliminary results with a fine-tuned XGBoost model, achieving 0.9716 precision rate, 0.9540 F-1 score, and false positive rate of 0.23%.
Keywords
Phishing, Domain, Detection, Machine learning, XGBoost, Features, DNS, RDAP, TLS, GeoIP
Authors
HRANICKÝ, R.; HORÁK, A.; POLIŠENSKÝ, J.; JEŘÁBEK, K.; RYŠAVÝ, O.
Published
6. 5. 2024
Place
Seoul
Pages from
1
Pages to
5
Page count
BibTex
@inproceedings{BUT186776,
  author="Radek {Hranický} and Adam {Horák} and Jan {Polišenský} and Kamil {Jeřábek} and Ondřej {Ryšavý}",
  title="Unmasking the Phishermen: Phishing Domain Detection with Machine Learning and Multi-Source Intelligence",
  booktitle="Proceedings of IEEE/IFIP Network Operations and Management Symposium 2024",
  year="2024",
  pages="1--5",
  address="Soul"
}