Detecting Phishing Websites Based on the Study of the Financial Industry Webserver Logs

Hu, Jun; Zhang, Xiangzhu; Ji, Yuchun; Yan, Haowen; Ding, Li; Li, Jia; Meng, Huiming

doi:10.1109/icisce.2016.79

Cited by 6 publications

(6 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Server-side detection Hu et al (2016) has proposed a technique that analyzes server log information to identify phishing websites. When a user visits an illegitimate webpage, the browser contacts the real one for resources.…”

Section: Detection Based On Url and Content Of Websitesmentioning

confidence: 99%

“…Detecting and blocking a phishing attack is extremely important to preserve the security and confidentiality of an individual over the internet. Researches have come up with various approaches (Armano et al 2016;Hu et al 2016;Ma et al 2009;Roy et al 2013;Sahingoz et al 2019;Williams and Li 2017) to solve this prominent problem. However, they fail in some way to be easily used by every individual.…”

Section: Introductionmentioning

confidence: 99%

“…Hu et al (2016),Wu et al (2019) Server-side Detection • Users will receive delayed responses from servers about the authenticity of the website. • They underperform in slow internet connections Armano et al (2016).…”

mentioning

confidence: 99%

See 2 more Smart Citations

Development of anti-phishing browser based on random forest and rule of extraction framework

et al. 2020

Cybersecur

View full text Add to dashboard Cite

Phishing is a technique under Social Engineering attacks which is most widely used to get user sensitive information, such as login credentials and credit and debit card information, etc. It is carried out by a person masquerading as an authentic individual. To protect web users from these attacks, various anti-phishing techniques are developed, but they fail to protect the user from these attacks in various ways. In this paper, we propose a novel technique to identify phishing websites effortlessly on the client side by proposing a novel browser architecture. In this system, we use the rule of extraction framework to extract the properties or features of a website using the URL only. This list consists of 30 different properties of a URL, which will later be used by the Random Forest Classification machine learning model to detect the authenticity of the website. A dataset consisting of 11,055 tuples is used to train the model. These processes are carried out on the client-side with the help of a redesigned browser architecture. Today Researches have come up with machine learning frameworks to detect phishing sites, but they are not in a state to be used by individuals having no technical knowledge. To make sure that these tools are accessible to every individual, we have improvised and introduced detection methods into the browser architecture named as ‘Embedded Phishing Detection Browser’ (EPDB), which is a novel method to preserve the existing user experience while improving the security. The newly designed browser architecture introduces a special segment to perform phishing detection operations in real-time. We have prototyped this technique to ensure maximum security, better accuracy of 99.36% in the identification of phishing websites in real-time.

show abstract

Section: Detection Based On Url and Content Of Websitesmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Development of anti-phishing browser based on random forest and rule of extraction framework

et al. 2020

Cybersecur

View full text Add to dashboard Cite

show abstract

“…Author Jun Hu introduced a method for detection of such phishing websites using the information and references from server logs [10]. When the user visits the phishing website, this website will refer to the legitimate website and ask for resource.…”

Section: Background Researchmentioning

confidence: 99%

Learning Model for Phishing Website Detection

Suryan¹,

Kumar²,

Mehta³

et al. 2018

ICST Transactions on Scalable Information Systems

View full text Add to dashboard Cite

Website portal empowered with information technology are of great importance in present scenario. With access to data all around the world, securing our information becomes an issue of topmost priority. Over the decade there have been numerous attacks by phishing websites and people have lost huge resources. Such malicious websites, also known as phishing website, steal information of authenticate users and carry out illegal transactions by misusing the personal information. Phishing website links and associated e-mails are sent to billions of users daily, thereby becoming a big concern for cyber security. In this paper, we address the phishing problem using machine learning approach applied on our proposed model, which uses 30 distinct features for phishing detection. We extracted multiple features from the website link and applied appropriate algorithms to classify the link as legitimate or phishing links.

show abstract

“…Hence, phishing website detection has become the object of a great deal of consideration among many academics who are attempting to find ways to incorporate malicious detection devices into web servers as a safety precaution [5]. Despite there being several ways to carry out phishing attacks, current phishing detection techniques unfortunately only cover some attack vectors such as fake website and emails [6].…”

Section: Introductionmentioning

confidence: 99%

Intelligent Decision Support System

Adebowale¹

2021

Virtual Assistant

View full text Add to dashboard Cite

A phishing attack is one of the most common forms of cybercrime worldwide. In recent years, phishing attacks have continued to escalate in severity, frequency and impact. Globally, the attacks cause billions of dollars of losses each year. Cybercriminals use phishing for various illicit activities such as personal identity theft and fraud, and to perpetrate sophisticated corporate-level attacks against financial institutions, healthcare providers, government agencies and businesses. Several solutions using various methodologies have been proposed in the literature to counter web-phishing threats. This research work adopts a novel strategy to the detection and prevention of website phishing attacks, with a practical implementation through development towards a browser toolbar add-in. The IPDS is shown to be highly effective both in the detection of phishing attacks and in the identification of fake websites. Experimental results show that approach using the CNN + LSTM has a 93.28% accuracy with an average detection time of 25 seconds, whilst the approach has a slightly lower accuracy. These times are within typical times for loading a web page which makes toolbar integration into a browser a practical option for website phishing detection in real time. The results of this development are compared with previous work and demonstrate both better or similar detection performance. This is the first work that considers how best to integrate images, text and frames in a hybrid feature-based solution for a phishing detection scheme.

show abstract

Detecting Phishing Websites Based on the Study of the Financial Industry Webserver Logs

Cited by 6 publications

References 0 publications

Development of anti-phishing browser based on random forest and rule of extraction framework

Development of anti-phishing browser based on random forest and rule of extraction framework

Learning Model for Phishing Website Detection

Intelligent Decision Support System

Contact Info

Product

Resources

About