Confidence-Aware Phishing Website Detection Using Evidence Vector Machine

Abstract

Phishing attacks continue to pose a serious threat to online users by mimicking legitimate websites to steal sensitive information. Traditional machine learning classifiers often produce overconfident predictions when encountering unfamiliar or evolving phishing patterns, which reduces their reliability in real-world deployment. To address this limitation, this study proposes a confidence-aware phishing website detection framework based on the Evidence Vector Machine (EVM). The proposed system focuses on URL-based feature extraction to ensure practical applicability without requiring webpage content or third-party services. Relevant lexical and structural features are derived from URLs, and an EVM classifier is trained to distinguish between legitimate and phishing websites while also estimating the confidence of each prediction. Unlike conventional classifiers, EVM incorporates open-set recognition capability, enabling the model to flag suspicious or previously unseen patterns more effectively. The model is trained and evaluated using a benchmark phishing dataset after appropriate preprocessing and feature selection. Experimental results demonstrate that the EVM-based approach improves detection reliability and provides meaningful confidence scores that help reduce false trust in uncertain predictions. The system is further integrated with an interactive interface for real-time URL analysis. This work highlights the potential of confidence-aware learning for strengthening phishing detection systems and offers a scalable solution suitable for deployment in modern cybersecurity environments.