Browsing by Author "Korkmaz, Mehmet"

Filter results by typing the first few letters
Now showing 1 - 2 of 2
  • No Thumbnail Available
    PublicationRestricted
    Detection of Phishing Websites by Using Machine Learning-Based URL Analysis
    (Institute of Electrical and Electronics Engineers Inc., 2020) Korkmaz, Mehmet; ŞAHİNGÖZ, ÖZGÜR KORAY; Diri, Banu
    In recent years, with the increasing use of mobile devices, there is a growing trend to move almost all real-world operations to the cyberworld. Although this makes easy our daily lives, it also brings many security breaches due to the anonymous structure of the Internet. Used antivirus programs and firewall systems can prevent most of the attacks. However, experienced attackers target on the weakness of the computer users by trying to phish them with bogus webpages. These pages imitate some popular banking, social media, e-commerce, etc. sites to steal some sensitive information such as, user-ids, passwords, bank account, credit card numbers, etc. Phishing detection is a challenging problem, and many different solutions are proposed in the market as a blacklist, rule-based detection, anomaly-based detection, etc. In the literature, it is seen that current works tend on the use of machine learning-based anomaly detection due to its dynamic structure, especially for catching the 'zero-day' attacks. In this paper, we proposed a machine learning-based phishing detection system by using eight different algorithms to analyze the URLs, and three different datasets to compare the results with other works. The experimental results depict that the proposed models have an outstanding performance with a success rate.
  • Thumbnail Image
    PublicationRestricted
    Feature Selections for the Classification of Webpages to Detect Phishing Attacks: A Survey
    (IEEE, 2020) Korkmaz, Mehmet; ŞAHİNGÖZ, ÖZGÜR KORAY; Diri, Banu
    In recent years, due to the increased number of Internet-connected devices, almost all the real-world interactions are transferred to the cyberworld. Therefore, most of the commerce (especially in the e-commerce format) are executed over webpages. The anonymous and uncontrollable structure of Internet, enables the malicious use of this cyber environment for a relatively new crime format, named as e-crime, which mainly aims some illegal financial gain by cheating the standard end-users. Phishing attacks are one of the most preferred fraudulent technique which is used for getting some confidential information (like user-id, password, credit card information, etc.) of the end-users. Therefore, security admins of the networks try to decrease the number of victims is their companies. One principal protection mechanism is the use of blacklists to detect the phishing webpages. However, it has a significant deficiency in not protection about new page attacks. Most of the security admins use some learning systems which are trained by a pre-collected a-dataset by extracting some features from the URL and content of the web pages. The performance of the used system directly related with the features used for the classification. In this work, we aimed to analyze the previously used features in the classification of the web pages by making a comparative analysis about the literature. With this study, it is aimed to produce a general survey resource for the researchers, which aim to work on the classification of webpages or the security of the networks.