Volume 17 , Issue 2 , PP: 227-226, 2026 | Cite this article as | XML | Html | PDF | Full Length Article
A. Usha Ruby 1 * , George Chellin Chandran J. 2
Doi: https://doi.org/10.54216/JCIM.170216
Phishing attacks remain a persistent and ever-evolving threat to both networked systems and their users' privacy. In response to this formidable challenge, our research delves into an innovative approach designed to enhance the precision of phishing Uniform Resource Locator (URL) detection within the dynamic and programmable realm of Software-Defined Networks (SDNs). By harnessing feature selection capabilities and adaptive machine learning techniques, our proposed framework aims to fortify security measures in SDNs against these malicious campaigns. Our methodology's core is the deliberate selection of discriminative features from the extensive network data attributes. This feature selection process is meticulously designed to identify the most relevant characteristics associated with phishing URLs, thereby enabling the extraction of invaluable insights for more precise detection. These carefully chosen features then serve as inputs for a dynamic machine-learning model, trained to adapt and evolve alongside the constantly changing landscape of phishing attacks. Within the SDN environment, our framework optimizes utilizing network resources and controller processing power. It achieves this by reducing the dimensionality of input data, resulting in improved detection accuracy and a decrease in false positives. The adaptive nature of our machine-learning model ensures rapid recognition of emerging phishing tactics, thereby reducing the risk of succumbing to novel and sophisticated attacks. To validate the effectiveness of our approach, we conducted extensive experiments and evaluations within an SDN testbed, utilizing real-world phishing URL datasets. The results consistently demonstrate that our framework surpasses conventional methods, achieving higher detection accuracy and adaptability to evolving threats. In summary, our research represents a significant stride in the ongoing battle against phishing attacks by leveraging the dynamic capabilities of SDNs. The synergy between feature selection and adaptive machine learning techniques empowers SDNs to sustain accurate and effective phishing URL detection, ultimately reinforcing network security and safeguarding user privacy in an ever-evolving threat landscape.
Software-Defined Networks , URL , Phishing , Legitimate , Machine Learning
[1] S. W. Lin, K. C. Ying, C. Y. Lee, and Z. J. Lee, “An intelligent algorithm with feature selection and decision rules applied to anomaly intrusion detection,” Applied Soft Computing, vol. 12, no. 10, pp. 3285-3290, Oct. 2012. doi: 10.1016/j.asoc.2012.05.004.
[2] M. Al-Janabi, E. D. Quincey, and P. Andras, “Using supervised machine learning algorithms to detect suspicious URLs in online social networks,” in Proceedings of the 2017 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining, pp. 1104-1111, Jul. 2017. doi: 10.1145/3110025.3116201.
[3] X. Xiao, D. Zhang, G. Hu, Y. Jiang, and S. Xia, “CNN–MHSA: A Convolutional Neural Network and multi-head self-attention combined approach for detecting phishing websites,” Neural Networks, vol. 125, pp. 303-312, May 2020. doi: 10.1016/j.neunet.2020.02.013.
[4] X. Lu, D. Han, L. Duan, and Q. Tian, “Intrusion detection of wireless sensor networks based on IPSO algorithm and BP neural network,” International Journal of Computational Science and Engineering, vol. 22, no. 2-3, pp. 221-232, 2020. doi: 10.1504/IJCSE.2020.107344.
[5] Z. Rustam and S. A. A. Kharis, “Comparison of support vector machine recursive feature elimination and kernel function as feature selection using support vector machine for lung cancer classification,” in Journal of Physics: Conference Series, vol. 1442, no. 1, pp. 012027, 2020. doi: 10.1088/1742-6596/1442/1/012027.
[6] M. Alweshah, M. Alkhalaileh, D. Albashish, M. Mafarja, Q. Bsoul, and O. Dorgham, “A hybrid mine blast algorithm for feature selection problems,” Soft Computing, vol. 25, pp. 517-534, Jan. 2021. doi: 10.1007/s00500-020-05164-4.
[7] “Feature selection,” Scikit-Learn. [Online]. Available: https://scikit-learn.org/stable/modules/feature_selection.html#univariate-feature-selection. [Accessed: Jul. 03, 2021].
[8] V. N. Vapnik, “An overview of statistical learning theory,” IEEE Transactions on Neural Networks, vol. 10, no. 5, pp. 988–999, Sep. 1999. doi: 10.1109/72.788640.
[9] O. A. Khashan, R. Ahmad, and N. M. Khafajah, “An automated lightweight encryption scheme for secure and energy-efficient communication in wireless sensor networks,” Ad Hoc Networks, vol. 115, p. 102448, Apr. 2021. doi: 10.1016/j.adhoc.2021.102448.
[10] A. T. Alzubaidi, S. A. Alzahrani, and H. A. Alshahrani, “A Comprehensive Review of Machine Learning Techniques for Cybersecurity Threat Detection,” Journal of Information Security and Applications, vol. 64, p. 103036, 2023. doi: 10.1016/j.jisa.2023.103036.
[11] “Software-Defined Networking (SDN) Definition,” ONF. [Online]. Available: https://www.opennetworking.org/sdn-definition. [Accessed: Jun. 08, 2021].
[12] T. Chin, K. Xiong, and C. Hu, “Phishlimiter: a phishing detection and mitigation approach using software-defined networking,” IEEE Access, vol. 6, pp. 42513–42531, Jun. 2018. doi: 10.1109/ACCESS.2018.2837889.
[13] K. A. Janani, V. Vetriselvi, R. Parthasarathi, and V. R. K. Rao, “An Approach to URL Filtering in SDN,” in International Conference on Computer Networks and Communication Technologies, Springer Singapore, pp. 217–228, 2019. doi: 10.1007/978-981-10-8681-6_21.
[14] Y. Zhang, J. I. Hong, and L. F. Cranor, “Cantina: a content-based approach to detecting phishing websites,” in Proceedings of the 16th International World Wide Web Conference WWW2007, pp. 639–648. doi: 10.1145/1242572.1242659.
[15] S. Ustebay, Z. Turgut, and M. A. Aydin, “Intrusion Detection System with Recursive Feature Elimination by Using Random Forest and Deep Learning Classifier,” in International Congress on Big Data, Deep Learning and Fighting Cyber Terrorism, pp. 71–76, 2019. doi: 10.1109/IBIGDELFT.2018.8625318.
[16] R. Wazirali and R. Ahmad, “Machine learning approaches to detect DoS and their effect on WSNs lifetime,” Computers, Materials & Continua, vol. 70, no. 3, pp. 4921–4946, Mar. 2022. doi: 10.32604/cmc.2022.020044.
[17] R. Vinayakumar, M. Alazab, K. P. Soman, P. Poornachandran, A. Al-Nemrat, and S. Venkatraman, “Deep learning approach for intelligent intrusion detection system,” IEEE Access, vol. 7, pp. 41525–41550, Apr. 2019. doi: 10.1109/ACCESS.2019.2895334.
[18] W. Wei, Q. Ke, J. Nowak, M. Korytkowski, R. Scherer, and M. Woźniak, “Accurate and fast URL phishing detector: a convolutional neural network approach,” Computer Networks, vol. 178, p. 107275, Sep. 2020. doi: 10.1016/j.comnet.2020.107275.
[19] M. Miao and B. Wu, “A flexible phishing detection approach based on software-defined networking using ensemble learning method,” in ACM International Conference Proceedings Series, pp. 70–73, Jun. 2020. doi: 10.1145/3407947.3407952.
[20] A. O. Abdullaziz and L. Wang, “Mitigating DoS Attacks against SDN controller using information hiding,” in 2019 IEEE Wireless Communications and Networking Conference (WCNC), pp. 1-6, 2019. doi: 10.1109/WCNC.2019.8885764.
[21] B. Agborubere and E. Sanchez-Velazquez, “OpenFlow communications and TLS security in software-defined networks,” in 2017 IEEE International Conference on Internet of Things (IThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), pp. 560–566. doi: 10.1109/iThings-GreenCom-CPSCom-SmartData.2017.88.
[22] I. Ahmad, S. Namal, M. Ylianttila, and A. Gurtov, “Security in software defined networks: a survey,” IEEE Communications Survey & Tutorials, vol. 17, no. 4, pp. 2317–2346, Aug. 2015. doi: 10.1109/COMST.2015.2474118.
[23] M. E. Ahmed and H. Kim, “DDoS attack mitigation in Internet of things using software-defined networking,” in 2017 IEEE Third International Conference on Big Data Computing Service and Applications (BigDataService), pp. 271–276, Apr. 2017. doi: 10.1109/BigDataService.2017.41.
[24] A. Aizuddin, M. Atan, M. Norulazmi, M. Noor, S. Akimi, and Z. Abidin, “DNS Amplification attack detection and mitigation via sFlow with Security-Centric SDN,” in Proceedings of the 11th International Conference on Ubiquitous Information Management and Communication, pp. 1-7, Jan. 2017. doi: 10.1145/3022227.3022230.
[25] S. Al-Haj and W. J. Tolone, “Flow Table pipeline misconfigurations in Software Defined Networks,” in 2017 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), pp. 247–252, May 2017. doi: 10.1109/INFCOMW.2017.8116384.
[26] E. Alasadi and H. S. Al-Raweshidy, “SSED: servers under software-defined network architectures to eliminate discovery messages,” IEEE/ACM Transactions on Networking, vol. 26, no. 1, pp. 104–117, Nov. 2018. doi: 10.1109/TNET.2017.2763131.
[27] J. A. Alcorn and C. E. Chow, “A framework for large-scale modeling and simulation of attacks on an OpenFlow network,” in 2014 23rd International Conference on Computer Communication and Networks (ICCCN), pp. 1–6, Aug. 2014. doi: 10.1109/ICCCN.2014.6911848.
[28] M. Allouzi and J. Khan, “SafeFlow: authentication protocol for software-defined networks,” in 2018 IEEE 12th International Conference on Semantic Computing (ICSC), pp. 374–376, Jan. 2018. doi: 10.1109/ICSC.2018.00076.
[29] O. Alparslan, O. Gunes, Y. S. Hanay, S. Arakawa, and M. Murata, “Improving resiliency against DDoS attacks by SDN and multipath orchestration of VNF services,” in 2017 IEEE International Symposium on Local and Metropolitan Area Networks (LANMAN), pp. 1–3, Jan. 2017. doi: 10.1109/LANMAN.2017.7972158.
[30] M. Ambrosin, M. Conti, F. D. Gaspari, and R. Poovendran, “LineSwitch: tackling control plane saturation attacks in software-defined networking,” IEEE/ACM Transactions on Networks, vol. 25, no. 2, pp. 1206–1219, 2017. doi: 10.1109/TNET.2016.2626287.
[31] A. Aseeri, N. Netjinda, and R. Hewett, “Alleviating eavesdropping attacks in software-defined networking data plane,” in Proceedings of the 12th Annual Conference on Cyber and Information Security Research, pp. 1-8, Apr. 2017. doi: 10.1145/3064814.3064832.
[32] M. V. O. De Assis, A. H. Hamamoto, T. Abrão, and M. L. Proença, “A game theoretical based system using Holt-Winters and genetic algorithm with fuzzy logic for DoS/DDoS mitigation on SDN networks,” IEEE Access, vol. 5, pp. 9485–9496, May 2017. doi: 10.1109/ACCESS.2017.2702341.
[33] P. Yang, G. Zhao, and P. Zeng, “Phishing website detection based on multidimensional features driven by deep learning,” IEEE Access, vol. 7, pp. 15196–15209, Jan. 2019. doi: 10.1109/ACCESS.2019.2892066.
[34] R. S. Rao, T. Vaishnavi, and A. R. Pais, “CatchPhish: detection of phishing websites by inspecting URLs,” Journal of Ambient Intelligent Humanized Computing, vol. 11, no. 2, pp. 813-825, Feb. 2020. doi: 10.1007/s12652-019-01311-4.
[35] K. L. Chiew, C. L. Tan, K. S. Wong, K. S. C. Yong, and W. K. Tiong, “A new hybrid ensemble feature selection framework for machine learning-based phishing detection system,” Information Sciences, vol. 484, pp. 153-166, May 2019. doi: 10.1016/j.ins.2019.01.064.
[36] E. Zhu, Y. Chen, C. Ye, X. Li, and F. Liu, “OFS-NN: an effective phishing websites detection model based on optimal feature selection and neural network,” IEEE Access, vol. 7, pp. 73271-73284, Jun. 2019. doi: 10.1109/ACCESS.2019.2920655.
[37] J. Mao, J. Bian, W. Tian, S. Zhu, T. Wei, A. Li, and Z. Liang, “Detecting phishing websites via aggregation analysis of page layouts,” Procedia Computer Science, vol. 129, pp. 224-230, Jan. 2018. doi: 10.1016/j.procs.2018.03.053.
[38] O. K. Sahingoz, E. Buber, O. Demir, and B. Diri, “Machine learning based phishing detection from URLs,” Expert Systems with Applications, vol. 117, pp. 345–357, Mar. 2019. doi: 10.1016/j.eswa.2018.09.029.
[39] A. C. Bahnsen, E. C. Bohorquez, S. Villegas, J. Vargas, and F. A. Gonzalez, “Classifying phishing URLs using recurrent neural networks,” in 2017 APWG Symposium on Electronic Crime Research (eCrime), pp. 1-8, Apr. 2017. doi: 10.1109/ECRIME.2017.7945048.
[40] A. U. Ruby, J. G. C. Chandran, T. S. Jain, B. N. Chaithanya, and R. Patil, “RFFE–Random Forest Fuzzy Entropy for the classification of Diabetes Mellitus,” AIMS Public Health, vol. 10, no. 2, pp. 422-442, 2023. doi: 10.3934/publichealth.2023030.
[41] Y. Li, J. Xiao, Y. Chen, and L. Jiao, “Evolving deep convolutional neural networks by quantum behaved particle swarm optimization with binary encoding for image classification,” Neurocomputing, vol. 362, pp. 156-165, Oct. 2019. doi: 10.1016/j.neucom.2019.07.026.
[42] M. J. Islam, S. Ahmad, F. Haque, M. B. I. Reaz, M. A. S. Bhuiyan, and M. R. Islam, “Application of min-max normalization on subject-invariant EMG pattern recognition,” IEEE Transactions on Instrumentation and Measurement, vol. 71, pp. 1-12, Nov. 2022. doi: 10.1109/TIM.2022.3220286.
[43] K. Yan and D. Zhang, “Feature selection and analysis on correlated gas sensor data with recursive feature elimination,” Sensors and Actuators B: Chemical, vol. 212, pp. 353-363, Jul. 2015. doi: 10.1016/j.snb.2015.02.025.
[44] A. Likas, N. Vlassis, and J. J. Verbeek, “The global k-means clustering algorithm,” Pattern Recognition, vol. 36, no. 2, pp. 451-461, Feb. 2003. doi: 10.1016/S0031-3203(02)00060-2.
[45] A. Aljofey, Q. Jiang, Q. Qu, M. Huang, and J. P. Niyigena, “An effective phishing detection model based on character level convolutional neural network from URL,” Electronics, vol. 9, no. 9, p. 1514, Sep. 2020. doi: 10.3390/electronics9091514.
[46] K. Eckle and J. Schmidt-Hieber, “A comparison of deep networks with ReLU activation function and linear spline-type methods,” Neural Networks, vol. 110, pp. 232-242, Feb. 2019. doi: 10.1016/j.neunet.2018.11.005.
[47] G. Çınarer, B. G. Emiroğlu, R. S. Arslan, and A. H. Yurttakal, “Brain tumor classification using deep neural network,” Advances in Science, Technology and Engineering Systems, vol. 5, no. 5, pp. 765–769, Oct. 2020. doi: 10.25046/AJ050593.
[48] “5000 BEST WEBSITES.” [Online]. Available: http://5000best.com/websites. [Accessed: May 21, 2021].
[49] “Open Network Operating System (ONOS),” onosproject. [Online]. Available: https://docs.onosproject.org/. [Accessed: Jun. 07, 2021].
[50]“Mininet.” [Online]. Available: http://mininet.org/. [Accessed: Jul. 11, 2021].
[51] “Feature selection,” Scikit-Learn. [Online]. Available: https://scikit-learn.org/stable/modules/feature_selection.html#univariate-feature-selection [Accessed: Jul. 03, 2021].
[52] “sklearn.feature_selection.SelectFromModel,” Scikit-Learn. [Online]. Available: https://scikit-learn.org/stable/modules/generated/sklearn.feature_selection.SelectFromModel.html. [Accessed: Jul. 03, 2021].
[53] H. Wang, J. Zhang, and Y. Li, “A novel deep learning model for phishing URL detection based on multi-head self-attention and convolutional neural networks,” Future Generation Computer Systems, vol. 126, pp. 1-10, Jan. 2022. doi: 10.1016/j.future.2021.12.013.
[54] Y. Zhang, Y. Chen, and Y. Wang, “Phishing website detection using a hybrid model based on convolutional neural networks and long short-term memory,” Journal of Network and Computer Applications, vol. 199, p. 103306, Mar. 2023. doi: 10.1016/j.jnca.2023.103306.
[55] M. T. Alhassan, A. B. M. Ali, and S. A. K. Rahman, “An efficient phishing detection model using decision trees and ensemble learning techniques,” Computers & Security, vol. 115, p. 102601, Apr. 2022. doi: 10.1016/j.cose.2022.102601.
[56] A. C. Bahnsen, E. C. Bohorquez, S. Villegas, J. Vargas, and F. A. Gonzalez, “Classifying phishing URLs using recurrent neural networks,” in 2017 APWG Symposium on Electronic Crime Research (eCrime), pp. 1–8, Apr. 2017. doi: 10.1109/ECRIME.2017.7945048.
