Examining the effectiveness of phishing filters against DNS based phishing attacks

Purkait, Swapan

doi:10.1108/ics-02-2013-0009

Cited by 14 publications

(9 citation statements)

References 27 publications

(29 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In short, the related studies in Zhang et al (2007a), Sheng et al (2009) and Purkait (2015) have raised critical concerns on the reliability of the conventional tools. Furthermore, the existing tools also face challenges from increasingly sophisticated…”

Section: Accepted Manuscriptmentioning

confidence: 96%

“…Recently, Purkait (2015) tested the latest commercial browsers and security applications, where 12 out of 14 tools have failed to detect any of the phishing websites that existed for only a few minutes old. In short, the related studies in Zhang et al (2007a), Sheng et al (2009) and Purkait (2015) have raised critical concerns on the reliability of the conventional tools.…”

Section: Accepted Manuscriptmentioning

confidence: 99%

See 1 more Smart Citation

PhishWHO: Phishing webpage detection via identity keywords extraction and target domain name finder

Tan

Chiew

Wong

et al. 2016

Decision Support Systems

View full text Add to dashboard Cite

A B S T R A C TThis paper proposes a phishing detection technique based on the difference between the target and actual identities of a webpage. The proposed phishing detection approach, called PhishWHO, can be divided into three phases. The first phase extracts identity keywords from the textual contents of the website, where a novel weighted URL tokens system based on the N-gram model is proposed. The second phase finds the target domain name by using a search engine, and the target domain name is selected based on identity-relevant features. In the final phase, a 3-tier identity matching system is proposed to determine the legitimacy of the query webpage. The overall experimental results suggest that the proposed system outperforms the conventional phishing detection methods considered.

show abstract

Section: Accepted Manuscriptmentioning

confidence: 96%

Section: Accepted Manuscriptmentioning

confidence: 99%

PhishWHO: Phishing webpage detection via identity keywords extraction and target domain name finder

Tan

Chiew

Wong

et al. 2016

Decision Support Systems

View full text Add to dashboard Cite

show abstract

“…They examined 10 antiphishing tools and discovered that only one of them could consistently detect more than 60% of the phishing websites tested. Their conclusion is echoed by another study from Purkait (2015), who examined the latest commercial browsers and showed that 12 out of 14 tools failed.…”

Section: Related Studies On Identifying Malicious Attacksmentioning

confidence: 98%

“…Although it is very straightforward and has been widely used in different browser toolbars, some studies have confirmed the ineffectiveness of such techniques (e.g. Tsai et al , 2011; Purkait, 2015). The main reason being it is not only challenging but also almost impractical for any blacklist to be up-to-date all the time (Ma et al , 2009a, b; Pranata et al , 2012).…”

Section: Introductionmentioning

confidence: 99%

“…The blacklist-based approach, which is a typical way to identify malicious sites, detects malicious web domains by comparing the domains a user visits against a user-verified blacklist (https://crypto.stanford.edu/SpoofGuard/). Although it is very straightforward and has been widely used in different browser toolbars, some studies have confirmed the ineffectiveness of such techniques (e.g., Tsai et al (2011) and Purkait (2015)). The main reason being it is not only challenging but almost impractical for any blacklist to be up-to-date all the time Pranata et al 2012).…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Malicious web domain identification using online credibility and performance data by considering the class imbalance issue

Chiong

Pranata

et al. 2019

IMDS

View full text Add to dashboard Cite

Purpose -Malicious web domain identification is of significant importance to the security protection of Internet users. With online credibility and performance data, this paper aims to investigate the use of machine learning techniques for malicious web domain identification by considering the class imbalance issue (i.e., there are more benign web domains than malicious ones). Design/methodology/approach -We propose an integrated resampling approach to handle class imbalance by combining the Synthetic Minority Over-sampling TEchnique (SMOTE) and Particle Swarm Optimisation (PSO), a population-based meta-heuristic algorithm. We use the SMOTE for over-sampling and PSO for under-sampling. Findings -By applying eight well-known machine learning classifiers, the proposed integrated resampling approach is comprehensively examined using several imbalanced web domain datasets with different imbalance ratios. Compared to five other well-known resampling approaches, experimental results confirm that the proposed approach is highly effective. Practical implications -This study not only inspires the practical use of online credibility and performance data for identifying malicious web domains, but also provides an effective resampling approach for handling the class imbalance issue in the area of malicious web domain identification. Originality/value -Online credibility and performance data is applied to build malicious web domain identification models using machine learning techniques. An integrated resampling approach is proposed to address the class imbalance issue. The performance of the proposed approach is confirmed based on real-world datasets with different imbalance ratios.

show abstract

Trust evaluation of health websites by eliminating phishing websites and using similarity techniques

Gupta

Bansal

2023

Concurrency and Computation

View full text Add to dashboard Cite

SummaryEvery user uses a search engine to find health information from websites. Content‐rich health websites are considered in our research as wrong information in these websites can threaten life. Search engines give a list of URLs related to their search keyword. Generally, the user follows the top websites displayed by the search engine. Newly constructed websites do not have ratings, hit counts, and reviews. The search engine does not display newly constructed websites in their top rank. In such a case, the newly constructed website with the same content as the website displayed at the top of the search engine loses the user's trust. Another problem is; the phishing website URLs are also displayed by the Google Search engine, which appear similar to the genuine websites. To solve the problem and enhance the trust of health websites which is not at the top of the search engine among users, we have proposed an approach that extracts all URLs based on the keyword. It identifies all legitimate URLs using a Machine Learning classifier. Address bar features, Domain name features, HTML, and JavaScript features were identified for the dataset of getting legitimate URLs. Three classifiers (Decision Tree, Random Forest, and Support Vector Machine) were trained and evaluated. Decision Tree has the highest training accuracy, 94.125, testing accuracy, 92.75, and precision score of 96.97. The cross‐validation score of all three models is almost 93. Therefore, Decision tree is used to identify legitimate websites. After getting the list of legitimate URLs, all the content of the legitimate website is extracted. A Semantic Similarity between top‐rank legitimate website content and legitimate websites is found using Natural language processing techniques. Then the websites are ranked based on similarity and the value of the trust is assigned from highly trustable to less trustable. We have compared and correlated our results with the Web of Trust, a reputation tool for trust analysis, and have achieved a positive correlation. Thus, our approach removes phishing websites and enhances the trust in other websites that are not at the top of the search engine.

show abstract

Examining the effectiveness of phishing filters against DNS based phishing attacks

Cited by 14 publications

References 27 publications

PhishWHO: Phishing webpage detection via identity keywords extraction and target domain name finder

PhishWHO: Phishing webpage detection via identity keywords extraction and target domain name finder

Malicious web domain identification using online credibility and performance data by considering the class imbalance issue

Trust evaluation of health websites by eliminating phishing websites and using similarity techniques

Contact Info

Product

Resources

About