APuML: An Efficient Approach to Detect Mobile Phishing Webpages using Machine Learning.

Nowadays, the growth of mobile phones users has gained a significant increase because of the features offered by them in abundant amounts. These devices are being used rapidly for accessing the web and many online services. However, the security mechanisms that are available in smartphones are not yet mature. Therefore, smartphones are vulnerable to various types of attacks, such as phishing. The browsers on smartphones are very trivial and the smartphones security abilities have been lessened, to match the smartphone's capabilities. Therefore, detection of the malicious website is different from the previously known technique, which is used on the desktop. Many anti-phishing techniques for mobile devices have been developed but still, there is a lack of a full-fledged solution. Therefore, this paper presents an efficient approach to detect malicious mobile webpages. The proposed approach APuML (Anti Phishing using Machine Learning) extracts all the static and site popularity features from the given URL to create a feature vector. An appropriate machine learning classification algorithm is then applied on the feature set to obtain the result and update the database accordingly. In our approach, the Random Forest classifier outperforms over other classifiers and achieved detection accuracy of 93.85%. We have also created an endpoint application for the users to interact with our system using his/her mobile devices. Moreover, the proposed approach can identify drive-by downloads attack, zero-day attack and clickjacking attack with high accuracy.