Generating Rules to Detect Phishing Websites Using URL Features

Phishing, a well-known type of the cybercrime, is a fraudulent activity created and executed by cyber criminals all over the cyberspace worldwide. Several techniques are used by these cyber criminals or scammers to carry out these attacks on the user to deceive a user. There are also some dangerous types of phishing attacks such as: by using Email messages and the Multimedia Internet Mail Extensions (MIME) attachments with the email messages that are delivered to the targeted users that include newbies as well as old and experienced users. Other types include botnet based attack that is performed using malwares sent either through emails or somehow forcing users to click on the links planted wherein these malicious messages are attached by the scammers in the body of email text or their webpages. Spear attacks are also dangerous kind of phishing attacks. In this kind of attack an individual or a company is targeted by these people to steal the sensitive data over web. Keeping in mind this very purpose, emails and malicious codes are used as their primary weapons. In present paper, Apriori algorithm is used to generate the rules so that these rules can play a vital role in detecting & predicting the phishing and non-phishing website URLs. In order to give the web users a basic idea against this threat, an effective tool is used to spread the word among the users, so that users may get the required knowledge about these and developing a tool to make users able to identify the phishing websites/content while working online.