Jail-Phish: An improved search engine based phishing detection system

Rao, Routhu Srinivasa; Pais, Alwyn Roshan

doi:10.1016/j.cose.2019.02.011

Cited by 56 publications

(18 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Phishing detection schemes which detect phishing on the server side are better than phishing prevention strategies and user training systems. These systems can be used either via a web browser on the client or through specific host-site software [ 8 , 9 ]. Fig 2 presents the classification of Phishing detection approaches.…”

Section: Research Background and Related Workmentioning

confidence: 99%

“…Authors [ 9 ] developed a detection approach for classifying malicious and normal webpages. The outcome of this study indicated that the value of true positive was higher rather than the false positive rate.…”

Section: Research Background and Related Workmentioning

confidence: 99%

“…There is a significant chance of exploitation of user information. For these reasons, phishing in modern society is highly urgent, challenging, and overly critical [ 9 , 10 ]. There have been several recent studies against phishing based on the characteristics of a domain, such as website URLs, website content, incorporating both the website URLs and content, the source code of the website and the screenshot of the website [ 11 ].…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Detecting phishing websites using machine learning technique

Dutta

2021

PLoS ONE

View full text Add to dashboard Cite

In recent years, advancements in Internet and cloud technologies have led to a significant increase in electronic trading in which consumers make online purchases and transactions. This growth leads to unauthorized access to users’ sensitive information and damages the resources of an enterprise. Phishing is one of the familiar attacks that trick users to access malicious content and gain their information. In terms of website interface and uniform resource locator (URL), most phishing webpages look identical to the actual webpages. Various strategies for detecting phishing websites, such as blacklist, heuristic, Etc., have been suggested. However, due to inefficient security technologies, there is an exponential increase in the number of victims. The anonymous and uncontrollable framework of the Internet is more vulnerable to phishing attacks. Existing research works show that the performance of the phishing detection system is limited. There is a demand for an intelligent technique to protect users from the cyber-attacks. In this study, the author proposed a URL detection technique based on machine learning approaches. A recurrent neural network method is employed to detect phishing URL. Researcher evaluated the proposed method with 7900 malicious and 5800 legitimate sites, respectively. The experiments’ outcome shows that the proposed method’s performance is better than the recent approaches in malicious URL detection.

show abstract

Section: Research Background and Related Workmentioning

confidence: 99%

Section: Research Background and Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Detecting phishing websites using machine learning technique

Dutta

2021

PLoS ONE

View full text Add to dashboard Cite

show abstract

“…However, after the implementation of the GDPR (General Data Protection Regulation [30]), most WHOIS information is no longer available. Search engine-based techniques [31][32][33][34] collect information from different search engines to detect phishing. At the same time, the low PageRank value of a webpage is often thought of as evidence of a phishing website [27,29]; however, these techniques tend to send a large amount of query requests, causing a certain network and data processing burden.…”

Section: Side Channel-based Techniquesmentioning

confidence: 99%

HinPhish: An Effective Phishing Detection Approach Based on Heterogeneous Information Networks

Guo

Zhang

et al. 2021

Applied Sciences

View full text Add to dashboard Cite

Internet users have suffered from phishing attacks for a long time. Attackers deceive users through malicious constructed phishing websites to steal sensitive information, such as bank account numbers, website usernames, and passwords. In recent years, many phishing detection solutions have been proposed, which mainly leverage whitelists or blacklists, website content, or side channel-based techniques. However, with the continuous improvement of phishing technology, current methods have difficulty in achieving effective detection. Hence, in this paper, we propose an effective phishing website detection approach, which we call HinPhish. HinPhish extracts various link relationships from webpages and uses domains and resource objects to construct a heterogeneous information network. HinPhish applies a modified algorithm to leverage the characteristics of different link types in order to calculate the phish-score of the target domain on the webpage. Moreover, HinPhish not only improves the accuracy of detection, but also can increase the phishing cost for attackers. Extensive experimental results demonstrate that HinPhish can achieve an accuracy of 0.9856 and F1-score of 0.9858 .

show abstract

“…The phishers usually contact the victims via e-mail, telephone, or text messages, and it could cause financial loss. The Anti-Phishing Working Group (APWG) confirmed that the phishing attack numbers have increased to 1,220,523 cases since 2016, and it is the highest number reached since 2004 (Rao & Pais, 2019). Based on Ernst and Young's 2018 -2019 Global Information Survey, phishing is the top cyber fraud in organizations, with 22% of the cases reported.…”

Section: Introductionmentioning

confidence: 99%

Factors Affecting Awareness of Phishing Among Generation Y

Zaharon¹,

Ali²,

Hasnan³

2021

APMAJ

View full text Add to dashboard Cite

The purpose of this study was to determine the factors affecting awareness of phishing among Generation Y in Malaysia. Specifically, this study identified three factors that may influence awareness of phishing by applying the Theory of Technology Threat Avoidance. The factors are social engineering, anti-phishing knowledge, and security concern. Data was collected through a questionnaire survey. This study found that all the factors significantly influenced awareness of phishing among Generation Y in Malaysia. The findings of this study provide a further understanding of the factors that affect awareness of phishing. This study would benefit the public, especially Generation Y, the government, and all types of businesses, including financial institutions, by raising awareness of phishing and reducing phishing attacks. Keywords: phishing, Generation Y, social engineering, anti-phishing knowledge, security concern

show abstract

Jail-Phish: An improved search engine based phishing detection system

Cited by 56 publications

References 19 publications

Detecting phishing websites using machine learning technique

Detecting phishing websites using machine learning technique

HinPhish: An Effective Phishing Detection Approach Based on Heterogeneous Information Networks

Factors Affecting Awareness of Phishing Among Generation Y

Contact Info

Product

Resources

About