Open Access   Article Go Back

Detection of Phishing URLs using Bayes Net and Naïve Bayes and evaluating the risk assessment using Attributable Risk

Priya Raj1 , Meenakshi Mittal2

  1. Department of Computer Science & Technology (Cyber Security), Central University of Punjab, Bhatinda, India.
  2. Department of Computer Science & Technology, Central University of Punjab, Bhatinda, India.

Section:Research Paper, Product Type: Journal Paper
Volume-6 , Issue-5 , Page no. 750-755, May-2018

CrossRef-DOI:   https://doi.org/10.26438/ijcse/v6i5.750755

Online published on May 31, 2018

Copyright © Priya Raj, Meenakshi Mittal . This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

View this paper at   Google Scholar | DPI Digital Library

XML View
PDF Download

How to Cite this Paper

  • IEEE Citation
  • MLA Citation
  • APA Citation
  • BibTex Citation
  • RIS Citation

IEEE Style Citation: Priya Raj, Meenakshi Mittal, “Detection of Phishing URLs using Bayes Net and Naïve Bayes and evaluating the risk assessment using Attributable Risk,” International Journal of Computer Sciences and Engineering, Vol.6, Issue.5, pp.750-755, 2018.

MLA Style Citation: Priya Raj, Meenakshi Mittal "Detection of Phishing URLs using Bayes Net and Naïve Bayes and evaluating the risk assessment using Attributable Risk." International Journal of Computer Sciences and Engineering 6.5 (2018): 750-755.

APA Style Citation: Priya Raj, Meenakshi Mittal, (2018). Detection of Phishing URLs using Bayes Net and Naïve Bayes and evaluating the risk assessment using Attributable Risk. International Journal of Computer Sciences and Engineering, 6(5), 750-755.

BibTex Style Citation:
@article{Raj_2018,
author = {Priya Raj, Meenakshi Mittal},
title = {Detection of Phishing URLs using Bayes Net and Naïve Bayes and evaluating the risk assessment using Attributable Risk},
journal = {International Journal of Computer Sciences and Engineering},
issue_date = {5 2018},
volume = {6},
Issue = {5},
month = {5},
year = {2018},
issn = {2347-2693},
pages = {750-755},
url = {https://www.ijcseonline.org/full_paper_view.php?paper_id=2056},
doi = {https://doi.org/10.26438/ijcse/v6i5.750755}
publisher = {IJCSE, Indore, INDIA},
}

RIS Style Citation:
TY - JOUR
DO = {https://doi.org/10.26438/ijcse/v6i5.750755}
UR - https://www.ijcseonline.org/full_paper_view.php?paper_id=2056
TI - Detection of Phishing URLs using Bayes Net and Naïve Bayes and evaluating the risk assessment using Attributable Risk
T2 - International Journal of Computer Sciences and Engineering
AU - Priya Raj, Meenakshi Mittal
PY - 2018
DA - 2018/05/31
PB - IJCSE, Indore, INDIA
SP - 750-755
IS - 5
VL - 6
SN - 2347-2693
ER -

VIEWS PDF XML
389 275 downloads 199 downloads
  
  
           

Abstract

Phishing sites are manufactured or spurious URLs that are made by malignant people to imitate or imitate URLs of genuine URLs. An extensive bit of these sorts of URLs have most elevated twin to trap their casualties for tricks. Unwary Web customers may be successfully betrayed by this kind of trick. The effect is the break of data security through the exchange of private information and the losses may encounter the bad effects of financial losses and more example hacking. In this paper detection of phishing URLs is done by using Bayes net and Naïve Bayes algorithm and evaluation of risk regarding phishing URLs is done with the help of attributable risk. A training dataset of 1800 URLs (containing 1080 legitimate and 720 phished URLs) has been made to train the algorithms. Testing dataset of 720 URLs (containing 288 legitimate and 432 phished URLs) is used for making predictions using the DAG model classifier which is generated after the training of Bayes Net and Naïve Bayes Algorithm. True negative rate, True positive rate, false negative rate, false positive rate, Error rate and Accuracy are calculated after testing dataset by DAG classifier. Result shows Bayes Net has an accuracy of 71.3% and the Naïve Bayes has an accuracy of 80.5% and calculation of risk is done on the basis of attributable risk. If risk percentage for the URLs attributes is greater than 80% then risk is high, if it is between 50-80% then risk is medium and below 50% risk is low.

Key-Words / Index Term

Attributable Risk, Bayes Net, Naïve Bayes, Phishing, Risk Assessment

References

[1]. B. K. Alese, O. Oyebade, O. A. Festus, O. Iyare, and A. F. Thompson, “Evaluation of information security risks using hybrid assessment model,” The 9th International Conference for Internet Technology and Secured Transactions (ICITST-2014), pp. 387–395, 2014.
[2]. C.-T. Kuo, H.-M. Ruan, C.-L. Lei, and S.-J. Chen, “A Mechanism on Risk Analysis of Information Security with Dynamic Assessment,” 2011 Third International Conference on Intelligent Networking and Collaborative Systems, pp. 643–646, 2011.
[3]. A. Tamjidyamcholo, “Information security risk reduction based on genetic algorithm,” Proceedings Title: 2012 International Conference on Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), pp. 122–127, 2012.
[4]. L. Zhou and Y. Zhou, “Gray relational analysis based method for information security risk assessment,” 2012 7th International Conference on Computer Science & Education (ICCSE), pp. 1086–1089, 2012.
[5]. J. Bhattacharjee, A. Sengupta, and C. Mazumdar, “A formal methodology for Enterprise Information Security risk assessment,” 2013 International Conference on Risks and Security of Internet and Systems (CRiSIS), pp. 1–9, 2013.
[6]. X. Wu, Y. Shen, G. Zhang, and H. Zhi, “Information security risk assessment based on D-S evidence theory and improved TOPSIS,” 2016 7th IEEE International Conference on Software Engineering and Service Science (ICSESS), pp. 153–156, 2016.
[7]. A. Fernandez and D. F. Garcia, “Complex vs. simple asset modeling approaches for information security risk assessment: Evaluation with MAGERIT methodology,” 2016 Sixth International Conference on Innovative Computing Technology (INTECH), pp. 542–549, 2016.
[8]. G. Wangen, “Information Security Risk Assessment: A Method Comparison,” Computer, vol. 50, no. 4, pp. 52–61, 2017.
[9]. S. Kondakci, “A causal model for information security risk assessment,” 2010 Sixth International Conference on Information Assurance and Security, pp. 143–147, 2010.
[10]. J. Wang, K. Fan, W. Mo, and D. Xu, “A Method for Information Security Risk Assessment Based on the Dynamic Bayesian Network,” 2016 International Conference on Networking and Network Applications (NaNA), 2016.
[11]. X. Chen, I. Bose, A. C. M. Leung, and C. Guo, “Assessing the severity of phishing attacks: A hybrid data mining approach,” Decision Support Systems, vol. 50, no. 4, pp. 662–672, 2011.
[12]. M. R. Aburrous, A. Hossain, K. Dahal, and F. Thabatah, “Modelling Intelligent Phishing Detection System for E-banking Using Fuzzy Data Mining,” 2009 International Conference on CyberWorlds, pp. 265–272, 2009.
[13]. R. M. Mohammad, L. Mccluskey, and F. Thabtah, “Intelligent rule-based phishing websites classification,” IET Information Security, vol. 8, no. 3, pp. 153–160, Jan. 2014.
[14]. M. Shukla, S. Sharma “Analysis of Efficient Classification Algorithm for Detection of Phishing Site,” International Journal of Scientific Research in Computer Science and Engineering, vol. 5, no. 3, pp. 136–141, Jun. 2017.
[15]. A. Singla, K. Jain, A. Gairola “Delving into Security of networks-Time’s Ned,” International Journal of Scientific Research in Network Security and Communication, pp. 1-8, Oct. 2014.