An Intelligent System for Phishing Attack Detection and Prevention

摘要

Cyber security is a most important trepidation in the widespread adoption of internet technologies in the everyday activities of human being. Even though more sophisticated technologies emerged on the Internet, but different kinds of attacks and threats are also increasing day by day. Cyber attacks causes loss of customer confidence in adopting internet based applications. Phishing attack is one of the common vulnerabilities in the cyber space. Most of the anti-phishing solutions proposed so are focused only on a single issue and needs improvement. For malicious web page detection and prevention, an intelligent multi agent solution is proposed in this paper with the help of machine learning methods. The proposed approach detects both phishing sites and websites with malicious content. This multi-agent system contains four autonomous intelligent agents, which communicate with each other using the Extensible Messaging and Presence Protocol (XMPP) for decision-making. The first is a monitoring agent, second and third is for decision-making (using the machine-learning classifiers) and the fourth is for action-performing. The first agent is responsible for extracting URLs. It passes the extracted URLs to the second agent for feature extraction and classification. If any phishing is detected, the second agent communicates with the fourth agent and the site is blocked. Otherwise, the second agent communicates with the third agent for malicious script detection. If any malicious script is detected then the fourth agent blocks the entire web page. We have tested the performance and accuracy of the proposed method and obtained results ensures its efficiency.