Phishing and Smishing Detection Using Machine Learning

Abstract

We propose the use of a hybridized machine learning model to detect phishing and smishing - phishing using SMS messages - attacks with the use of several extracted features related to domains, coupled with natural language processing (NLP) trained on actual smishing messages to accurately detect attacks. Moreover, we propose an integration of the detection system with the open-source threat intelligence platform, MISP (Malware Information Sharing Platform). This allows for more effective storage and use of flagged phishing domains. The model was trained and tested using publicly available data as well as data provided by TELUS Corp. The results show an accuracy of 99.40% and an Fl score in excess of 99%.