Phishing Detection Using Rule-Based Approaches: Email and URL Filtering Techniques

Abstract

Phishing, a well-known name in the field of cybersecurity. It is one of the most dangerous cyber- attacks in recent it or online. Phishing can be done using various techniques. Almost every few days, there are new techniques evolving to perform phishing attacks. By successfully making a phishing attack, an attacker can steal sensitive user information. This thesis proposes a rule-based detection system that analyzes email content and metadata such as subject lines, body text, URLs, and sender domains to identify phishing attempts. Using a carefully selected dataset of both authentic and phishing emails, a score system based on several rules was used to categorize emails. Accuracy, precision, recall, and F1-score were used to assess the system's performance following preprocessing and the application of detection rules. The results demonstrate that a rule-based strategy provides a simple and understandable way to detect phishing attempts, especially in settings with low resources. This rule-based approach to detecting phishing emails is lightweight, and it does not require large training data or complex interfaces. It can be easily integrated into email filtering systems for early phishing prevention.