Phishing-Alarm: Robust and Efficient Phishing Detection via Page Component Similarity

Mao, Jian; Tian, Wenqian; Li, Pei; Wei, Tao; Liang, Zhenkai

doi:10.1109/access.2017.2743528

Cited by 81 publications

(42 citation statements)

References 34 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…2 The similarity distribution of facebook's legitimate and phishing websites in the scheme [7] For example, although authors in [7] focus on the positions of colors appeared in website's screenshot, it is easy for attackers to create same colored different appearance phishing websites. Moreover, although authors in [9] use CSS similarity between a targeted legitimate website and a phishing website, attackers can create a similar phishing website without using CSS by embedding legitimate website's appearance to the background image. From this point of view, another requirement has to be fulfilled to improve detection performance:…”

Section: Problem Formulationsmentioning

confidence: 99%

“…In order to detect many types of phishing websites, many approaches have been proposed. We introduce representative approaches [5]- [9]. In [5], Zhang et al propose Cantina which leverages the fact that phishing websites do not appear in the top of the Google's search result.…”

Section: Introductionmentioning

confidence: 99%

“…However, the machine learning based approaches are weak for feature manipulation by attackers. While those approaches [5], [6] mainly focus on the internal contents of phishing websites, the visual similarity based approaches [7]- [9] use visual contents as features. The idea behind them is that the visual contents of phishing websites are similar to the targeted legitimate website since they mimic the appearance of the target.…”

Section: Introductionmentioning

confidence: 99%

“…In addition to that, since the various types of logo are existed in a legitimate website, it costs very much if the system administrator registers them to SDB for a lot of legitimate websites by hand. In [9], Mao et al propose to use the similarity of CSS (Cascading Style Sheet) which defines the design of the websites such as fonts, colors and so on. This is because the phishing websites often plagiarize targeted legitimate website's CSS.…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Hue Signature Auto Update System for Visual Similarity-Based Phishing Detection with Tolerance to Zero-Day Attack

Haruta

Asahina

Yamazaki

et al. 2019

IEICE Trans. Inf. & Syst.

View full text Add to dashboard Cite

Shuichiro HARUTA †a) , Hiromu ASAHINA †b) , Student Members, Fumitaka YAMAZAKI †c) , Nonmember, and Iwao SASASE †d) , Fellow SUMMARY Detecting phishing websites is imperative. Among several detection schemes, the promising ones are the visual similarity-based approaches. In those, targeted legitimate website's visual features referred to as signatures are stored in SDB (Signature Database) by the system administrator. They can only detect phishing websites whose signatures are highly similar to SDB's one. Thus, the system administrator has to register multiple signatures to detect various phishing websites and that cost is very high. This incurs the vulnerability of zero-day phishing attack. In order to address this issue, an auto signature update mechanism is needed. The naive way of auto updating SDB is expanding the scope of detection by adding detected phishing website's signature to SDB. However, the previous approaches are not suitable for auto updating since their similarity can be highly different among targeted legitimate website and subspecies of phishing website targeting that legitimate website. Furthermore, the previous signatures can be easily manipulated by attackers. In order to overcome the problems mentioned above, in this paper, we propose a hue signature auto update system for visual similarity-based phishing detection with tolerance to zero-day attack. The phishing websites targeting certain legitimate website tend to use the targeted website's theme color to deceive users. In other words, the users can easily distinguish phishing website if it has highly different hue information from targeted legitimate one (e.g. red colored Facebook is suspicious). Thus, the hue signature has a common feature among the targeted legitimate website and subspecies of phishing websites, and it is difficult for attackers to change it. Based on this notion, we argue that the hue signature fulfills the requirements about auto updating SDB and robustness for attackers' manipulating. This commonness can effectively expand the scope of detection when auto updating is applied to the hue signature. By the computer simulation with a real dataset, we demonstrate that our system achieves high detection performance compared with the previous scheme.

show abstract

Section: Problem Formulationsmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Hue Signature Auto Update System for Visual Similarity-Based Phishing Detection with Tolerance to Zero-Day Attack

Haruta

Asahina

Yamazaki

et al. 2019

IEICE Trans. Inf. & Syst.

View full text Add to dashboard Cite

show abstract

“…Phishing-Alarm [25] introduced a model to measure the suspiciousness of websites using the similitude of visual appearance between the websites. This methodology utilized Cascading Style Sheets (CSSs) as the premise to precisely evaluate the visual similitude of each page component.…”

Section: Related Workmentioning

confidence: 99%

PhishAlert: An Efficient Phishing URL Detection via Hybrid Methodology

Sharma*¹,

Singh²

2019

IJITEE

View full text Add to dashboard Cite

In spite of various research endeavors, phishing assaults stay common and exceedingly successful in attracting clueless clients to uncover delicate data, including account details and government managed savings numbers. Misfortunes due to phishing are developing consistently. A solitary methodology isn't effective for distinguishing a wide range of phishing assaults. So we propose a hybrid approach to deal with the classification of URLs as phishing or real. The investigation aftereffects of our proposed methodology, in view of a dataset gathered from phishing and legitimate URLs, have demonstrated that PhishAlert framework can successfully counteract phishing assaults and can thus ensure system security.

show abstract

A review of phishing attacks and countermeasures for internet of things‐based smart business applications in industry 4.0

Sadiq

Anwar

Butt

et al. 2021

Human Behav and Emerg Tech

View full text Add to dashboard Cite

Due to the advancement in industry 4.0, cybercrimes in internet‐based business applications are rapidly increasing. To encounter such attacks, the intruders use various tools and techniques such as Phishing, Malware, SQL Injection, Ransomware, Cross‐Site Scripting (XSS), Denial of Service (DoS), Session Hijacking, and Credential Reuse. Phishing is most commonly in practice in the current digital era. Phishing is a fraudulent attempt to obtain sensitive information from deceiving users. These types of cyber‐attacks are used to harm individuals or entire businesses depending on the targeted objective of the attacker. To combat these attacks, the research community provides various phishing detection techniques. In this article, we classify state‐of‐the‐art fishing detection techniques in five major categories, that are, (1) Data Mining, Deep Learning & Machine Learning‐Based Approach, (2) Search Engine‐Based Approach, (3) URL Scan‐Based Approach, (4) Blacklisting‐Whitelisting Approach, and (5) Visual Similarity‐Based Approach. Further, a comparative analysis is provided within each category concerning their strength and weaknesses. Moreover, the article provides phishing prevention best practices to the readers to avoid such attacks.

show abstract

Phishing-Alarm: Robust and Efficient Phishing Detection via Page Component Similarity

Cited by 81 publications

References 34 publications

Hue Signature Auto Update System for Visual Similarity-Based Phishing Detection with Tolerance to Zero-Day Attack

Hue Signature Auto Update System for Visual Similarity-Based Phishing Detection with Tolerance to Zero-Day Attack

PhishAlert: An Efficient Phishing URL Detection via Hybrid Methodology

A review of phishing attacks and countermeasures for internet of things‐based smart business applications in industry 4.0

Contact Info

Product

Resources

About