An efficient phishing webpage detector

He, Mingyi; Horng, Shi–Jinn; Fan, Pingzhi; Khan, Muhammad Khurram; Run, Ray-Shine; Lai, Jui-Lin; Chen, Rong-Jian; Sutanto, Adi

doi:10.1016/j.eswa.2011.01.046

Cited by 100 publications

(40 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…-IP address ( f 1 ): almost all the literatures [8], [21], [23]- [25] [24], [25] followed and used this rule to define the value of this feature. However, this rule was highly affected by the samples.…”

Section: Feature Vectormentioning

confidence: 99%

“…In this research, we list 16 frequently used features in literatures [8], [21], [23]- [25] and one new feature, and make use of them to perform feature engineering.…”

Section: Feature Vectormentioning

confidence: 99%

“…-Using popup window ( f 15 ): legitimate websites hardly ask users to submit information through a popup window, while a part of phishing websites steal sensitive information of Internet users by means of using popup window. -Login form ( f 16 ): almost all the phishing web pages acquire sensitive information by using login forms, which are generally displayed in the same way as that used on the their phishing targets [23]. -Number of URLs linking to the current website ( f 17 ):…”

Section: Feature Vectormentioning

confidence: 99%

See 2 more Smart Citations

Application of Feature Engineering for Phishing Detection

Zhang

Ren

Jiang

2016

IEICE Trans. Inf. & Syst.

View full text Add to dashboard Cite

SUMMARYPhishing attacks target financial returns by luring Internet users to exposure their sensitive information. Phishing originates from e-mail fraud, and recently it is also spread by social networks and short message service (SMS), which makes phishing become more widespread. Phishing attacks have drawn great attention due to their high volume and causing heavy losses, and many methods have been developed to fight against them. However, most of researches suffered low detection accuracy or high false positive (FP) rate, and phishing attacks are facing the Internet users continuously. In this paper, we are concerned about feature engineering for improving the classification performance on phishing web pages detection. We propose a novel anti-phishing framework that employs feature engineering including feature selection and feature extraction. First, we perform feature selection based on genetic algorithm (GA) to divide features into critical features and non-critical features. Then, the non-critical features are projected to a new feature by implementing feature extraction based on a two-stage projection pursuit (PP) algorithm. Finally, we take the critical features and the new feature as input data to construct the detection model. Our anti-phishing framework does not simply eliminate the non-critical features, but considers utilizing their projection in the process of classification, which is different from literatures. Experimental results show that the proposed framework is effective in detecting phishing web pages.

show abstract

Section: Feature Vectormentioning

confidence: 99%

“…In this research, we list 16 frequently used features in literatures [8], [21], [23]- [25] and one new feature, and make use of them to perform feature engineering.…”

Section: Feature Vectormentioning

confidence: 99%

Section: Feature Vectormentioning

confidence: 99%

See 1 more Smart Citation

Application of Feature Engineering for Phishing Detection

Zhang

Ren

Jiang

2016

IEICE Trans. Inf. & Syst.

View full text Add to dashboard Cite

show abstract

“…Therefore, PhishNet [6], Believes that phishers often through simple URL changes, to avoid comparison, first use heuristics of known phishing sites to find new phishing websites, then apply approximate matching algorithm to generate one final score, if the score is greater than threshold, the website will be consider a potential phishing site Heuristics approach, through the analysis of the site URL and html source code to obtain the relevant features, and with others machine learning methods to determine whether the current page is a phishing site. there is study analyzed 12 features based on based on its content, HTTP transaction, and search engine results [7], and then input to support vector machine classifier, determines whether the webpage is phishing or not. In CANTINA [8], it is a content-based approach to detect phishing, besides the URL and its domain name basically, CANTINA use TF-IDF algorithm to retrieve information, TF-IDF can measure how important a word in a document, and from their experiments result, it is good at detecting phishing, and using TF-IDF can reduce FP rate effectively.…”

Section: Related Workmentioning

confidence: 99%

The Novel Features for Phishing Based on User Device Detection

Lin¹,

Chi²,

Chuang³

et al. 2016

JCP

View full text Add to dashboard Cite

Recent years the rapid developments of technology, Internet services are gradually depending on the environment to be able to provide different services. Due to the rise of mobile devices, in order to provide the most appropriate service to the users, in addition to desktop websites, the most popular sites are beginning to build a websites for mobile devices exclusive service users at the same time. However, phishing website, the phishers will not necessarily build two kinds of websites at the same time.In this paper, we propose the new phishing features through detect device according the situation. In the experiment, we through the transfer user agent of desktop and mobile to connect, and use SVM to classify, from the result, we find there are the mechanisms in most popular websites, but in phishing websites, the number of this mechanism is rarely.

show abstract

“…These techniques employ the DOM after a webpage has been rendered in a web browser to circumvent intended obfuscations. He, et al (2011) implemented a method used by Pan and Ding (2006) and Zhang et al (2007), using a combination of search engine results to determine whether a webpage is a phishing or not. The fundamental idea is that every website claims a dependable identity, and its activities match to that identity.…”

Section: Cantina Work As Followmentioning

confidence: 99%

Tutorial and critical analysis of phishing websites methods

Mohammad

Thabtah

McCluskey

2015

Computer Science Review

130

View full text Add to dashboard Cite

The Internet has become an essential component of our everyday social and financial activities.Internet is not important for individual users only but also for organizations, because organizations that offer online trading can achieve a competitive edge by serving worldwide clients. Internet facilitates reaching customers all over the globe without any market place restrictions and with effective use of e-commerce. As a result, the number of customers who rely on the Internet to perform procurements is increasing dramatically. Hundreds of millions of dollars are transferred through the Internet every day. This amount of money was tempting the fraudsters to carry out their fraudulent operations. Hence, Internet users may be vulnerable to different types of web threats, which may cause financial damages, identity theft, loss of private information, brand reputation damage and loss of customers' confidence in e-commerce and online banking. Therefore, suitability of the Internet for commercial transactions becomes doubtful. Phishing is considered a form of web threats that is defined as the art of impersonating a website of an honest enterprise aiming to obtain user's confidential credentials such as usernames, passwords and social security numbers. In this article, the phishing phenomena will be discussed in detail. In addition, we present a survey of the state of the art research on such attack. Moreover, we aim to recognize the up-to-date developments in phishing and its precautionary measures and provide a comprehensive study and evaluation of these researches to realize the gap that is still predominating in this area. This research will mostly focus on the web based phishing detection methods rather than email based detection methods. INTRODUCTIONAlthough phishing is a relatively new web-threat, it has a massive impact on the commercial and online transaction sectors. Presumably, phishing websites have high visual similarities to the legitimate ones in an attempt to defraud the honest people. Social engineering and technical tricks are commonly combined together in order to start a phishing attack. Typically, a phishing attack starts by sending an e-mail that seems authentic to potential victims urging them to update or validate their information by following a URL link within the e-mail. Predicting and stopping phishing attack is a critical step toward protecting online transactions. Several approaches were proposed to mitigate these attacks. Nonetheless, phishing websites are expected to be more sophisticated in the future. Therefore, a promising solution that must be improved constantly is needed to keep pace with this continuous evolution. Anti-phishing measures may take several forms including: legal, education and technical solutions. To date, there is no complete solution able to capture every phishing attack. The Internet community has put in a considerable amount of effort into defensive techniques against phishing. However, the problem is continuously evolving and ever more complicated decept...

show abstract

An efficient phishing webpage detector

Cited by 100 publications

References 4 publications

Application of Feature Engineering for Phishing Detection

Application of Feature Engineering for Phishing Detection

The Novel Features for Phishing Based on User Device Detection

Tutorial and critical analysis of phishing websites methods

Contact Info

Product

Resources

About