Lightweight Hyperparameter Optimization Model for Enhancing Phishing Detection in IoT

Year 2025, Volume: 18 Issue: 1, 189 - 203, 28.03.2025

Ansar Yertayev Hunaıda Avvad

https://doi.org/10.18185/erzifbed.1574090

Abstract

This study presents an enhanced machine learning approach that emphasizes the optimization of hyperparameters to improve phishing detection, particularly in resource-constrained environments like Internet of Things (IoT) devices. Phishing is considered one of the dangerous forms of cyberattacks where attackers can reveal sensitive information about user's identity, password, privacy and even properties. Machine learning techniques and tools are playing important role in detecting phishing and have shown to be effective and advantageous methods for detection and classification, especially for the unified resource locator (URL). The proposed model presupposes a systematic approach for feature selection as well as finding the optimized hyperparameter values for the sake of increasing the detection quality while maintaining low computational complexity of the process. This study examines how feature set selection from a training dataset and how hyperparameters tuning can significantly improves the performance of phishing attack classification in IoT devices. Logistic regression, random forest, gradient boosting, support vector machine, and k-nearest neighbors are used in this study. According to the experimental, we found the best hyperparameter values for each classifier and comparative results of the implemented classification algorithms showed that support vector machine achieved the best performance with an accuracy of 96.2%.

Keywords

classification, cyber security, hyperparameter tuning, industrial engineering, phishing attack

References

• [1] M. gad Awwad, M. M. Ashour, E. S. A. Marzouk, and E. AbdElhalim, “Anti-Phishing approach for IoT system in Fog networks based on machine learning algorithms,” Mansoura Engineering Journal, vol. 49, no. 3, 2024, doi: 10.58491/2735-4202.3196.
• [2] L. Shahba, A. Heidary-Sharifabad, and M. Mollahoseini Ardakani, Detection of fake web pages and phishing attacks with rabbit optimization algorithm, vol. 81, no. 1. Springer US, 2025. doi: 10.1007/s11227-024-06658-w.
• [3] A. H. Alsadig and M. O. Ahmad, “Phishing URL Detection Using Deep Learning with CNN Models,” 2nd International Conference on Intelligent Cyber Physical Systems and Internet of Things, ICoICI 2024 - Proceedings, no. ICoICI, pp. 768–775, 2024, doi: 10.1109/ICoICI62503.2024.10696243.
• [4] V. Malamas, P. Kotzanikolaou, K. Nomikos, C. Zonios, V. Tenentes, and M. Psarakis, “HA-CAAP: Hardware-Assisted Continuous Authentication and Attestation Protocol for IoT Based on Blockchain,” IEEE Internet Things J, vol. PP, no. 8, p. 1, 2025, doi: 10.1109/JIOT.2025.3530775.
• [5] H. Ghalechyan, E. Israyelyan, A. Arakelyan, G. Hovhannisyan, and A. Davtyan, “Phishing URL detection with neural networks: an empirical study,” Sci Rep, vol. 14, no. 1, p. 25134, 2024, doi: 10.1038/s41598-024-74725-6.
• [6] J. Hong et al., “Combating phishing and script-based attacks: a novel machine learning framework for improved client-side security,” Journal of Supercomputing, vol. 81, no. 1, 2025, doi: 10.1007/s11227-024-06551-6.
• [7] P. Prakash, M. Kumar, R. Rao Kompella, and M. Gupta, “PhishNet: Predictive blacklisting to detect phishing attacks,” Proceedings - IEEE INFOCOM, pp. 1–5, 2010, doi: 10.1109/INFCOM.2010.5462216.
• [8] R. S. Rao and A. R. Pais, “Detection of phishing websites using an efficient feature-based machine learning framework,” Neural Comput Appl, vol. 31, pp. 3851–3873, 2019.
• [9] M. Moghimi and A. Y. Varjani, “New rule-based phishing detection method,” Expert Syst Appl, vol. 53, pp. 231–242, 2016, doi: 10.1016/j.eswa.2016.01.028.
• [10] K. S. Adewole, A. G. Akintola, S. A. Salihu, N. Faruk, and R. G. Jimoh, Hybrid Rule-Based Model for Phishing URLs Detection, vol. 285. Springer International Publishing, 2019. doi: 10.1007/978-3-030-23943-5_9.
• [11] A. K. Jain and B. B. Gupta, “A machine learning based approach for phishing detection using hyperlinks information,” J Ambient Intell Humaniz Comput, vol. 10, no. 5, pp. 2015–2028, 2019, doi: 10.1007/s12652-018-0798-z.
• [12] E. Gandotra and D. Gupta, “An Efficient Approach for Phishing Detection using Machine Learning,” pp. 239–253, 2021, doi: 10.1007/978-981-15-8711-5_12.
• [13] Y. A. Alsariera and others, “AI meta-learners and extra-trees algorithm for the detection of phishing websites,” IEEE Access, vol. 8, pp. 142532–142542, 2020.
• [14] J. H. Nezhad, M. V Jahan, M.-H. Tayarani-N, and Z. Sadrnezhad, “Analyzing new features of infected web content in detection of malicious webpages,” ISC International Journal of Information Security, vol. 9, no. 2, pp. 63–83, 2017.
• [15] O. K. Sahingoz, E. Buber, O. Demir, and B. Diri, “Machine learning based phishing detection from URLs,” Expert Systems and Applications, vol. 117, pp. 345–357, 2019.
• [16] N. M. Shekokar, C. Shah, M. Mahajan, and S. Rachh, “An ideal approach for detection and prevention of phishing attacks,” Procedia Comput Sci, pp. 49–82, 2015.
• [17] A. Tewari and B. B. Gupta, “Security, privacy and trust of different layers in Internet-of-Things (IoTs) framework,” Future Gener. Comput., 2020.