RESEARCH OF MACHINE LEARNING METHODS FOR DETECTING FRAUDULENT WEBSITES
Abstract
Every year our lives become more and more connected with large volumes of data that need to be analyzed. As the volume of information increases, its analysis becomes a more voluminous and complex task. In this situation, the problem of finding a tool that will help companies and institutions in collecting, analyzing and forecasting data arises. Machine learning is an area of artificial intelligence that finds patterns in a database and, based on them, tries to predict the result. Another area of application of machine learning is the detection of fraudulent sites. Currently, with the development of information technology, digital crimes have become a serious threat to confidential information and user data. Artificial intelligence is able to analyze site parameters and determine the presence of threats to information. The study is aimed at systematizing knowledge about phishing attacks and studying machine learning methods for detecting fraudulent sites. During the study, machine learning methods for detecting phishing sites were developed, schemes were built that allow machine learning models to correctly transform data for feeding them to models. The analysis of the data provided in the dataset made it possible to correctly transform the data for the correct operation of the models, which will avoid errors. The problem of retraining machine learning models was solved. A detailed study of the dataset made it possible to filter out data that could cause errors in the model and reduce the quality of artificial learning forecasting. As a result of the work, the developed methods for searching for phishing attacks using machine learning models were tested on test data, based on the results obtained, graphs of changes in the accuracy of detecting illegitimate sites from changing the model settings were constructed. An analysis of the study was carried out and the results of the work were summarized.
References
1. Zav'yalov A.N. Internet-moshennichestvo (fishing): problemy protivodeystviya i preduprezhdeniya [In-ternet fraud (phishing): problems of counteraction and prevention], Baikal Research Journal, 2022, Vol. 13, No. 2. Available at: https://brj-bguep.ru/reader/article.aspx?id=25141 (accessed 28 March 2025).
2. History of Phishing, Phishing. Available at: https://www.phishing.org/history-of-phishing (accessed 28 March 2025).
3. Dan'ko O.S., Medvedeva T.A. Issledovanie tekhnik fishinga i metodov zashchity ot nego [Research of phishing techniques and methods of protection against it], Molodoy issledovatel' Dona [Young research-er of the Don], 2021, No. 3 (30), pp. 60-61.
4. Gupta B.B., Tewari A., Jain A.K. et al. Fighting against phishing attacks: state of the art and future chal-lenges, Neural Comput & Applic., 2017, 28, pp. 3629-3654. Available at: https://doi.org/10.1007/ s00521-016-2275-y (accessed 28 March 2025).
5. Sangani Kris. Bor'ba s krazhey lichnykh dannykh [Fighting identity theft], The Banker, Sentyabr' 2003, 70 (9), 5354. Available at: https://www.thebanker.com/content/fc6f8422-54f4-5641-a89d-607d895fe7cc.
6. McCall Tom. (December 17, 2007). Gartner Survey Shows Phishing Attacks Escalated in 2007; More than $3 Billion Lost to These Attacks, Gartner. Archived from the original on November 18, 2012. Re-trieved December 20, 2007. Available at: https://web.archive.org/web/20121118162442/ http://www.gartner.com/it/page.jsp?id=565125.
7. Cisco. TSelevoy fishing [Cisco. Spear phishing], TEKhNO N [TECHNO N]. Available at: https://technon.ru/upload/pdf/ironport_targeted_phishing.pdf (accessed 28 March 2025).
8. Afanas'eva N.S., Elizarov D.A., Myznikova T.A. Klassifikatsiya fishingovykh atak i mery pro-tivodeystviya im [Classification of phishing attacks and countermeasures], Inzhenernyy vestnik Dona [Engineering Bulletin of the Don], 2022, No. 5 (89), pp. 169-182.
9. Fishingovye pis'ma: kak ikh raspoznat' i ne stat' ikh zhertvoy [Phishing emails: how to recognize them and avoid becoming their victim], Kaspersky. Available at: https://www.kaspersky.ru/resource-center/preemptive-safety/phishing-prevention-tips (accessed 28 March 2025).
10. Kak rabotaet fishing cherez poiskovye sistemy? [How does phishing through search engines work?], keeper. Available at: https://www.keepersecurity.com/blog/ru/2023/04/12/what-is-search-engine-phishing/ (accessed 28 March 2025).
11. Making the world’s information safely accessible, Google Safe Browsing. Available at: https://safebrowsing.google.com (accessed 28 March 2025).
12. Here’s why people are saying two-factor authentication isn’t perfect, Digitaltrends. Available at: https://www.digitaltrends.com/computing/why-two-factor-authentication-isnt-perfect/ (accessed 28 March 2025).
13. Kornyukhina S.P., Laponina O.R. Issledovanie vozmozhnostey algoritmov glubokogo obucheniya dlya zashchity ot fishingovykh atak [Study of the capabilities of deep learning algorithms for protection against phishing attacks], International Journal of Open Information Technologies, 2023, Vol. 11, No. 6, pp. 163-174.
14. Boyle P., Shepherd L.A. Mailtrout: a machine learning browser extension for detecting phishing emails, 34th British HCI Conference. BCS Learning & Development, 2021, pp. 104-115.
15. CyberSecurity: BookMyShow ads. URL Analysis, kaggle. Available at: https://www.kaggle.com/ da-tasets/shibumohapatra/book-my-show (accessed 04 April 2025).
16. KNIME Analytics Platform, KNIME. Available at: https://www.knime.com/knime-analytics-platform (accessed 04 April 2025).
17. Asito F. Predskazatel'naya analitika s KNIME [Predictive analytics with KNIME transl. from engl. by A.Yu. Gin'ko. Moscow: DMK Press, 2025, 360 p.
18. Borovikov M.M. Problemy protivodeystviya transnatsional'nym prestupnym soobshchestvam v uslovi-yakh transformiruyushchegosya mira [Problems of counteracting transnational criminal communities in the context of a transforming world], Ekonomika, finansy, proektnoe upravlenie i sotsial'naya sistema Rossii: podkhody i perspektivy v usloviyakh ustoychivogo tsifrovogo razvitiya [Economy, finance, project management and the social system of Russia: approaches and prospects in the context of sustainable digital development]. Krasnodar, 20 May 2022. Available at: https://krasnodar.fa.ru/upload/constructor/a74/jr1ym9fbu4a1p6dq3me0z4do0s700f41.pdf.
19. Antonova T.S., Smirnov V.M. Fishing kak neizuchennoe kiberprestuplenie [Phishing as an unexplored cybercrime], student, 2021, Vol. 4, No. 6, pp. 69-75.
20. Otakhonov A.A. Obnaruzhenie i otsenka fishingovykh url-adresov s ispol'zovaniem algoritmov mash-innogo obucheniya [Detection and evaluation of phishing URLs using machine learning algorithms], Al-Farg’oniy avlodlari, 2024, No. 4, pp. 382-390.
