Detecção de Phishing no Twitter Baseada em Algoritmos de Aprendizagem Online

Abstract

Twitter is one of the most used social networks in the world with about 328 million users sharing images, videos, texts and links. Due to the restrictions on message size it is common for tweets to share shortened links to websites, making it impossible to visually identify the URL before knowing what will be displayed. Faced with this scenario, Twitter becomes a means of spreading phishing attacks through malicious links. Phishing is an attack that seeks to obtain personal information like name, CPF, passwords, number of bank accounts and numbers of credit cards. Twitter phishing attack detection systems are usually built using off-line supervised machine learning, where a large amount of data is examined once to induce a single static prediction model. In these systems, the incorporation of new data requires the reconstruction of the prediction model from the processing of the entire database, making this process slow and inefficient. In this work we propose a framework to detect phishing in Twitter. The framework uses supervised online learning, that is, the classifier is updated with each processed tweet and, if it makes a wrong prediction, the model is updated by adapting quickly to the changes with low computational cost, time and maintaining its efficiency in the task of ranking. For this study we evaluated the performance of the online learning algorithms Adaptive Random Forest, Hoeffding Tree, Naive Bayes, Perceptron and Stochastic Gradient Descent. The online Adaptive Random Forest classifier presented 99.8% prequential accuracy in the classification of phishing tweets.