This paper presents a structured approach for detecting phishing URLs by merging data collection, feature extraction, and machine learning techniques. The authors have taken an approach by assembling a diverse dataset of URLs, clearly labeling malicious links as phishing. By leveraging Python’s socket and urlparse libraries, we were able to extract DNS records and IP addresses from these phishing links. Key features that were focused on includes IP reputation, types of DNS records, domain age, registration details, and geolocation information. To develop our predictive model, we employed logistic regression model, training it on the features derived from our labeled dataset. The model produces a probability score that indicates how likely a URL is to be malicious. When the model was tested on new URLs, those that exceeded a specific threshold were flagged as phishing. This research enhances phishing detection by effectively combining machine learning with data analysis, allowing us to address the ever-evolving challenges posed by cyber threats.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Phishing Detection Using DNS and IP Filtering

  • Ankita Mandal,
  • Sucheta Chandra,
  • Priyanka Das,
  • Sriparno Chakraborty,
  • Ishika Chowdhury,
  • Kathamrita Ghosh

摘要

This paper presents a structured approach for detecting phishing URLs by merging data collection, feature extraction, and machine learning techniques. The authors have taken an approach by assembling a diverse dataset of URLs, clearly labeling malicious links as phishing. By leveraging Python’s socket and urlparse libraries, we were able to extract DNS records and IP addresses from these phishing links. Key features that were focused on includes IP reputation, types of DNS records, domain age, registration details, and geolocation information. To develop our predictive model, we employed logistic regression model, training it on the features derived from our labeled dataset. The model produces a probability score that indicates how likely a URL is to be malicious. When the model was tested on new URLs, those that exceeded a specific threshold were flagged as phishing. This research enhances phishing detection by effectively combining machine learning with data analysis, allowing us to address the ever-evolving challenges posed by cyber threats.