Real-time Phishing Attack Detection using ML - Abdul Ghani
Download as PPTX, PDF0 likes2,564 views
The document introduces a framework called RPAD-ML for real-time phishing attack detection on mobile devices, which addresses the shortcomings of existing systems that only protect Google Chrome users. RPAD-ML utilizes a machine learning model to detect phishing sites across all browsers and apps, ensuring comprehensive protection by monitoring all network traffic. Future enhancements include optimizing response times and integrating the machine learning model locally on devices.
Real-time Phishing Attack Detection using ML - Abdul Ghani
- 1. REALTIME PHISHING ATTACK DETECTION USING MACHINE LEARNING TEAM MEMBERS: GUIDE: ABDUL GHANI(15W91A0501), B. SINDHUJA(15W91A0509), K. SAI AMULYA(15W91A0523) DR. KIRAN KUMAR REDDY
- 2. ABSTRACT Today, there is an exponential growth of e-services requiring the exchange of personal and sensible information over the Internet. Phishing techniques are emerging as the easiest solution to break the weakest link of the security chain: the end user. Social engineering attacks are deployed by financial/cyber criminals at a very low cost to induce naïve Internet users to reveal user ID, passwords, bank account and credit card numbers. This problem needs to be addressed in the mobile field as well, due to the large diffusion of mobile platforms such as smartphones, tablet, etc. To overcome this problem we propose a framework for phishing detection in Android mobile devices which, on the one hand exploits well-known techniques already implemented by popular web browsers plug-in, such as public blacklist search, and, on the other hand, implement a machine learning based engine to ensure zero-hour protection from new phishing campaigns.
- 3. EXISTING SYSTEM The phishing detection system is confined to Google Chrome Browser. It uses Google’s Safe Browsing Database to warn user before entering a possible phishing site.
- 4. DISADVANTAGES OF EXISTING SYSTEM Although, it protects user from entering into phishing sites on Chrome Browser, it fails to do so on other browsers. It cannot detect newly created phishing sites (Someone has to report it) Doesn’t work in other mobile browsers Doesn’t scan all the links opened by the device(Mobile) Cannot intercept all network traffic like GET requests.
- 5. PROPOSED SYSTEM To overcome the drawbacks of existing system, we propose a framework RPAD-ML (REALTIME PHISHING ATTACK DETECTION USING MACHINE LEARNING). It is based on Machine learning classification model and can detect phishing attacks in mobile in realtime.
- 6. ADVANTAGES OF PROPOSED SYSTEM Detects phishing attacks even on mobile devices It is not limited to one browser; can work on all browsers Not confined to browsers, scans links in other apps too. Detects all the network traffic and intercepts phishing sites.
- 7. HARDWARE REQUIREMENTS Processor : Intel I3 or greater RAM : 8GB Hard Disk : 50GB
- 8. SOFTWARE REQUIREMENTS Server Operating System : Linux 16.04 LTS Web Server : Python Flask 1.0.2 Backend Language : Python 3.7 Database : MongoDB 4.0 Modeling Tool : Weka 3.8.3 Client Operating System : Android 5.0+
- 9. SYSTEM ARCHITECTURE Server Client (Android) Database Machine Learning Model Google API Request Response
- 10. SYSTEM MODULES API: Provides interface to connect with backend server and call different functions. Machine Learning Model: Uses classification model to predict if a site is phishing site or not.
- 11. USECASE DIAGRAM
- 12. SEQUENCE DIAGRAM
- 13. CLASS DIAGRAM
- 14. RESULTS
- 15. CONCLUSION By using RPADML system, we solve the problem of detecting phishing sites on mobile devices in real- time. Now, the users are able to identify phishing sites/links without interacting. RPADML system itself shows floating warning sign before entering such websites.
- 16. FUTURE ENHANCEMENTS Adding compiled machine learning model in local devices Increasing the efficiency of API i.e., Response Time by leveraging Server Resources Ability to report false-positive results. Better garbage management in client device.