Implementation of the Random Forest Algorithm for Anomaly Detection of Phishing Attacks on Computer Networks

Authors

  • Andika Agus Slameto Universitas Amikom Yogyakarta
  • Ben Rafi Kahmas Universitas Amikom Yogyakarta

DOI:

https://doi.org/10.30871/jaic.v10i1.11346

Keywords:

Anomaly Detection, Computer Networks, Machine Learning, Phishing, Random Forest

Abstract

Phishing attacks are among the most common and dangerous cyber security threats, as they exploit manipulation techniques to steal sensitive user information. This research focuses on leveraging the Random Forest algorithm to identify anomalies caused by phishing attacks in computer network environments. Random Forest was selected for its superior classification performance and its capability to handle a wide variety of data types with minimal over fitting. The experimental dataset consists of captured network traffic, containing both benign activities and malicious events labeled as phishing. The data underwent pre-processing, feature selection, and model training using Random Forest. The experimental results show that the model achieved 98% accuracy, with precision 98%, recall 98%, and F1-score 98%. This study also reveals that URL features such as the percentage of external links redirecting back to the original domain, frequent domain name mismatches, the number of hyphens (-) in the URL, and the presence of data submission via email are relevant and effective in distinguishing phishing from non-phishing URLs. These findings confirm that Random Forest can serve as an effective method for identifying phishing attacks based on URL characteristics.

Downloads

Download data is not yet available.

References

[1] APWG, “Phishing Activity Trends Report: 4th Quarter 2024.” Accessed: Mar. 24, 2025. [Online]. Available: https://apwg.org/trendsreports/

[2] BSSN, “Lanskap Keamanan Siber Indonesia,” 2025. Accessed: Mar. 27, 2025. [Online]. Available: https://www.bssn.go.id/monitoring-keamanan-siber/

[3] A. Mishra and Fancy, “Efficient Detection of Phishing Hyperlinks using Machine Learning,” International Journal on Cybernetics & Informatics, vol. 10, no. 2, pp. 23–33, May 2021, doi: 10.5121/ijci.2021.100204.

[4] N. F. Almujahid, M. A. Haq, and M. Alshehri, “Comparative Evaluation of Machine Learning Algorithms for Phishing Site Detection,” PeerJ Comput Sci, vol. 10, p. e2131, Jun. 2024, doi: 10.7717/peerj-cs.2131.

[5] E. Sangra, R. Agrawal, P. R. Gundalwar, K. Sharma, D. Bangri, and D. Nandi, “Malicious Website Detection Using Random Forest and Pearson Correlation for Effective Feature Selection,” International Journal of Advanced Computer Science and Applications, vol. 15, no. 8, 2024, doi: 10.14569/IJACSA.2024.0150876.

[6] S. Alnemari and M. Alshammari, “Detecting Phishing Domains Using Machine Learning,” Applied Sciences, vol. 13, no. 8, p. 4649, Apr. 2023, doi: 10.3390/app13084649.

[7] N. S. Zaini et al., “Phishing Detection System Using Machine Learning Classifiers,” Indonesian Journal of Electrical Engineering and Computer Science, vol. 17, no. 3, p. 1165, Mar. 2020, doi: 10.11591/ijeecs.v17.i3.pp1165-1171.

[8] R. Yang, K. Zheng, B. Wu, C. Wu, and X. Wang, “Phishing Website Detection Based on Deep Convolutional Neural Network and Random Forest Ensemble Learning,” Sensors, vol. 21, no. 24, p. 8281, Dec. 2021, doi: 10.3390/s21248281.

[9] J. Lamas Piñeiro and L. Wong Portillo, “Web architecture for URL-based phishing detection based on Random Forest, Classification Trees, and Support Vector Machine,” Inteligencia Artificial, vol. 25, no. 69, pp. 107–121, May 2022, doi: 10.4114/intartif.vol25iss69pp107-121.

[10] T. O. Ojewumi, G. O. Ogunleye, B. O. Oguntunde, O. Folorunsho, S. G. Fashoto, and N. Ogbu, “Performance evaluation of machine learning tools for detection of phishing attacks on web pages,” Sci Afr, vol. 16, p. e01165, Jul. 2022, doi: 10.1016/j.sciaf.2022.e01165.

[11] A. Karim, M. Shahroz, K. Mustofa, S. B. Belhaouari, and S. R. K. Joga, “Phishing Detection System Through Hybrid Machine Learning Based on URL,” IEEE Access, vol. 11, pp. 36805–36822, 2023, doi: 10.1109/ACCESS.2023.3252366.

[12] T. Choudhary, S. Mhapankar, R. Bhddha, A. Kharuk, and R. Patil, “Machine Learning Approach for Phishing Attack Detection,” Journal of Artificial Intelligence and Technology, May 2023, doi: 10.37965/jait.2023.0197.

[13] M. A. Alsharaiah et al., “A new phishing-website detection framework using ensemble classification and clustering,” International Journal of Data and Network Science, vol. 7, no. 2, pp. 857–864, 2023, doi: 10.5267/j.ijdns.2023.1.003.

[14] S. Tiwari, “Phishing Dataset for Machine Learning,” Kaggle. Accessed: Jul. 18, 2025. [Online]. Available: https://www.kaggle.com/datasets/shashwatwork/phishing-dataset-for-machine-learning/data

[15] V. Srinivas, C. Vinay, S. R, S. Nithin, P. Varun, and V. Venkatesh, “Illegal Phishing Techniques a Comprehensive Analysis and Emerging Countermeasures,” Macaw International Journal of Advanced Research in Computer Science and Engineering, vol. 10, no. 1, Dec. 2024, doi: https://doi.org/10.70162/mijarcse/2024/v10/i1/v10i1s08.

[16] N. Aniyansyah, R. Rina, S. Puspitasari, and A. Erfina, “Evaluation of AI Models for Phishing Detection Using Open Datasets,” in The 7th International Global Conference Series on ICT Integration in Technical Education & Smart Society, Basel Switzerland: MDPI, Aug. 2025, p. 37. doi: 10.3390/engproc2025107037.

[17] A. Alhuzali, A. Alloqmani, M. Aljabri, and F. Alharbi, “In-Depth Analysis of Phishing Email Detection: Evaluating the Performance of Machine Learning and Deep Learning Models Across Multiple Datasets,” Applied Sciences, vol. 15, no. 6, p. 3396, Mar. 2025, doi: 10.3390/app15063396.

[18] J. Thapa, G. Chahal, erban Gabreanu, and Y. Otoum, “Phishing Detection in the Gen-AI Era: Quantized LLMs vs Classical Models,” IEEE Conference, Jul. 2025, doi: https://doi.org/10.48550/arXiv.2507.07406.

[19] “Website Phishing Detection Using Machine Learning Techniques,” J Stat Appl Probab, vol. 13, no. 1, pp. 119–129, Jan. 2024, doi: 10.18576/jsap/130108.

Downloads

Published

2026-02-04

How to Cite

[1]
A. A. Slameto and B. R. Kahmas, “Implementation of the Random Forest Algorithm for Anomaly Detection of Phishing Attacks on Computer Networks”, JAIC, vol. 10, no. 1, pp. 204–211, Feb. 2026.

Issue

Vol. 10 No. 1 (2026): February 2026 (In Progress)

Section

Articles

License

Copyright (c) 2026 Andika Agus Slameto, Ben Rafi Kahmas

Creative Commons License

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

Authors who publish with this journal agree to the following terms:

  • Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License (Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) ) that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
  • Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
  • Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).

Similar Articles

1 2 3 4 5 > >> 

You may also start an advanced similarity search for this article.