Countering Phishing from Brands' Vantage Point

Bulakh, Vlad; Gupta, Manika

doi:10.1145/2875475.2875478

Cited by 7 publications

(6 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…We studied a wide range of previous efforts by focusing on machine learning techniques. Some of the techniques solely focused on the URL itself [11,13] but others look at both URL and the content of the page [7,25]. The use of third-party services is another difference between approaches.…”

Section: Comparing the Results With Previous Experimentsmentioning

confidence: 99%

“…Third-party enquiries to fetch the feature value reveal the browsing history of the end-users The previous studies have been done on variable sizes of datasets. While some of the datasets have less than 5 thousand records [7,25], there are also datasets with millions of instances [5,13]. Also, for approaches analyzing just the URL without the webpage content, creating massive datasets are easier.…”

Section: Comparing the Results With Previous Experimentsmentioning

confidence: 99%

See 1 more Smart Citation

Adversarial Sampling Attacks Against Phishing Detection

Shirazi

Bezawada

Ray

et al. 2019

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Phishing websites trick users into believing that they are interacting with a legitimate website, and thereby, capture sensitive information, such as user names, passwords, credit card numbers and other personal information. Machine learning appears to be a promising technique for distinguishing between phishing websites and legitimate ones. However, machine learning approaches are susceptible to adversarial learning techniques, which attempt to degrade the accuracy of a trained classifier model. In this work, we investigate the robustness of machine learning based phishing detection in the face of adversarial learning techniques. We propose a simple but effective approach to simulate attacks by generating adversarial samples through direct feature manipulation. We assume that the attacker has limited knowledge of the features, the learning models, and the datasets used for training. We conducted experiments on four publicly available datasets on the Internet. Our experiments reveal that the phishing detection mechanisms are vulnerable to adversarial learning techniques. Specifically, the identification rate for phishing websites dropped to 70% by manipulating a single feature. When four features were manipulated, the identification rate dropped to zero percent. This result means that, any phishing sample, which would have been detected correctly by a classifier model, can bypass the classifier by changing at most four feature values; a simple effort for an attacker for such a big reward. We define the concept of vulnerability level for each dataset that measures the number of features that can be manipulated and the cost for each manipulation. Such a metric will allow us to compare between multiple defense models.

show abstract

Section: Comparing the Results With Previous Experimentsmentioning

confidence: 99%

Section: Comparing the Results With Previous Experimentsmentioning

confidence: 99%

Adversarial Sampling Attacks Against Phishing Detection

Shirazi

Bezawada

Ray

et al. 2019

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…Esto ocasionó que las antiguas técnicas de detección de phishing no funcionen contra los ataques más recientes (Bulakh, 2016, p. 1). Como consecuencia de esta amenaza evolutiva, se ha decidido usar técnicas de machine learning que permitan encontrar nuevas páginas fraudulentas en un periodo de tiempo largo o indefinido (Hota, 2018;Medvet, 2008;Chen, 2010;Bulakh, 2016;Rajab, 2018).…”

Section: Estado Del Arteunclassified

“…Lamentablemente, los métodos propuestos no son capaces de detectar nuevas variantes de estos ataques, debido a que las métricas más importantes para detectar páginas phishing derivan de experiencias humanas (Mao, Bian, Tian, Zhhu, Wei, Li y Liang, 2018, p. 2). Por dicho motivo, en la actualidad se recurre a la inteligencia artificial para poder identificar páginas phishing de manera dinámica y automática utilizando para ello diferentes métricas (Abu-Nimeh, 2007;Al-Janabi, 2017;Bulakh, 2016;Chen, 2010;Hota, 2018;Jain, 2016;Mao, 2018;Medvet, 2008;Mourtaji, 2017;Rajab, 2018;Sanglerdsinlapachai, 2010).…”

Section: Introductionunclassified

Comparación de técnicas de machine learning para detección de sitios web de phishing

Moncada-Vargas

2020

Interfases

View full text Add to dashboard Cite

El phishing es el robo de datos personales a través de páginas web falsas. La víctima de este robo es dirigida a esta página falsa, donde se le solicita ingresar sus datos para validar su identidad. Es en ese momento que se realiza el robo, ya que al ingresar sus datos, estos son almacenados y usados por el hacker responsable de dicho ataque para venderlos o ingresar a las entidades y realizar robos o estafas. Para este trabajo se ha investigado sobre distintos métodos de detección de páginas web phishing utilizando técnicas de machine learning. Así, el propósito de este trabajo es realizar una comparación de dichas técnicas que han demostrado ser las más efectivas en la detección de los sitios web phishing. Los resultados obtenidos demuestran que los clasificadores de árboles, denominados Árbol de Decisión y Bosque Aleatorio, han alcanzado las mayores tasas de precisión y efectividad, con valores de entre 97 % y 99 % en la detección de este tipo de páginas.

show abstract

“…Li et al 2016 Machine learning approach The study proposes a minimum enclosing Ball Support Vector Machine (BSVM) algorithm for detecting phishing websites The proposed algorithm achieved an enhanced predictive performance and speed of computation in comparison to other classifiers 45. Bulakh and Gupta, 2016 Machine learning approach The study analyzes traffic portion of a brand to identify the presence of phishing threats based on machine learning classifier Experimentations showed that that random forest classifier performed exceptionally better with an error rate of 3% The phishing data set includes 10,068 samples which can be termed as a hefty data sample when compared to any data set of merely 1,000 odd instances. For such sample sizes, the ratio of data split may not always be uniformly distributed.…”

Section: Technologymentioning

confidence: 99%

Detection of phishing websites using a novel twofold ensemble model

Nagaraj¹,

Bhattacharjee

Sridhar³

et al. 2018

JSIT

View full text Add to dashboard Cite

Purpose Phishing is one of the major threats affecting businesses worldwide in current times. Organizations and customers face the hazards arising out of phishing attacks because of anonymous access to vulnerable details. Such attacks often result in substantial financial losses. Thus, there is a need for effective intrusion detection techniques to identify and possibly nullify the effects of phishing. Classifying phishing and non-phishing web content is a critical task in information security protocols, and full-proof mechanisms have yet to be implemented in practice. The purpose of the current study is to present an ensemble machine learning model for classifying phishing websites. Design/methodology/approach A publicly available data set comprising 10,068 instances of phishing and legitimate websites was used to build the classifier model. Feature extraction was performed by deploying a group of methods, and relevant features extracted were used for building the model. A twofold ensemble learner was developed by integrating results from random forest (RF) classifier, fed into a feedforward neural network (NN). Performance of the ensemble classifier was validated using k-fold cross-validation. The twofold ensemble learner was implemented as a user-friendly, interactive decision support system for classifying websites as phishing or legitimate ones. Findings Experimental simulations were performed to access and compare the performance of the ensemble classifiers. The statistical tests estimated that RF_NN model gave superior performance with an accuracy of 93.41 per cent and minimal mean squared error of 0.000026. Research limitations/implications The research data set used in this study is publically available and easy to analyze. Comparative analysis with other real-time data sets of recent origin must be performed to ensure generalization of the model against various security breaches. Different variants of phishing threats must be detected rather than focusing particularly toward phishing website detection. Originality/value The twofold ensemble model is not applied for classification of phishing websites in any previous studies as per the knowledge of authors.

show abstract

Countering Phishing from Brands' Vantage Point

Cited by 7 publications

References 10 publications

Adversarial Sampling Attacks Against Phishing Detection

Adversarial Sampling Attacks Against Phishing Detection

Comparación de técnicas de machine learning para detección de sitios web de phishing

Detection of phishing websites using a novel twofold ensemble model

Contact Info

Product

Resources

About