Advanced phishing attack detection through network forensic methods and incident response planning based on machine learning

Rizal, Randi and Selamat, Siti Rahayu and Nursihab, Cucu and Amie, Nashihun (2025) Advanced phishing attack detection through network forensic methods and incident response planning based on machine learning. IJICO : International Journal of Informatics and Computing, 1 (1). pp. 19-25. ISSN 3090-4722

0101719112025184432521.pdf
Available under License Creative Commons Attribution Non-commercial Share Alike.

Abstract

The widespread use of smartphones has led to an increase in cybercrimes, particularly phishing attacks. Phishing attacks are commonly propagated through email, WhatsApp groups, and other communication channels. The stolen data is then used to commit further crimes, exploiting the victims' personal information. This study addresses the detection of phishing attacks using network forensic methods and incident response planning. Unlike previous approaches that relied solely on Incident Response Plans (IRPs) and Incident Handling methods to react to phishing attacks, this research emphasizes proactive detection. By employing network forensics, suspicious websites can be identified and differentiated from legitimate ones, enabling early detection and prevention of phishing attacks. The results demonstrate that network forensics can significantly enhance the ability to detect phishing sites before they can harm users. In our experiments, we analyzed a dataset of 10,000 websites, identifying 95% of phishing sites with a false positive rate of only 2%. Utilizing the Random Forest machine learning algorithm, we achieved high performance metrics with an accuracy of 96.5%, precision of 97.1%, recall of 95.8%, and an F1-score of 96.4%. This proactive approach not only mitigates the risk of phishing but also provides a robust framework for incident response, ensuring that potential threats are identified and neutralized promptly.

Item Type: Article
Uncontrolled Keywords: Phishing Attack Detection, Network Forensics, Incident Response Planning, Cybercrime Prevention, Smartphone Security
Divisions: Faculty of Artificial Intelligence and Cyber Security
Depositing User: Norfaradilla Idayu Ab. Ghafar
Date Deposited: 18 May 2026 01:29
Last Modified: 18 May 2026 01:29
URI: http://eprints.utem.edu.my/id/eprint/29878