Intelligent rule-based phishing websites classification

Rami M. Mohammad, Fadi Thabtah, Lee McCluskey

Research output: Contribution to journalArticlepeer-review

166 Citations (Scopus)


Phishing is described as the art of echoing a website of a creditable firm intending to grab user's private information such as usernames, passwords and social security number. Phishing websites comprise a variety of cues within its content-parts as well as the browser-based security indicators provided along with the website. Several solutions have been proposed to tackle phishing. Nevertheless, there is no single magic bullet that can solve this threat radically. One of the promising techniques that can be employed in predicting phishing attacks is based on data mining, particularly the 'induction of classification rules' since anti-phishing solutions aim to predict the website class accurately and that exactly matches the data mining classification technique goals. In this study, the authors shed light on the important features that distinguish phishing websites from legitimate ones and assess how good rule-based data mining classification techniques are in predicting phishing websites and which classification technique is proven to be more reliable.

Original languageEnglish
Pages (from-to)153-160
Number of pages8
JournalIET Information Security
Issue number3
Early online date1 May 2014
Publication statusPublished - 1 May 2014


Dive into the research topics of 'Intelligent rule-based phishing websites classification'. Together they form a unique fingerprint.

Cite this