
Neural Computing and Applications


24 September 2020 | Original Article

A heuristic technique to detect phishing websites using TWSVM classifier

Authors: Routhu Srinivasa Rao, Alwyn Roshan Pais, Pritam Anand

Published in: Neural Computing and Applications | Issue 11/2021


Abstract

Phishing websites are on the rise, and many are hosted on compromised domains so that the legitimate behavior of the host domain is embedded in the phishing site to evade detection. Traditional heuristic techniques that rely on HTTPS, search engine results, page ranking, and WHOIS information may fail to detect phishing sites hosted on compromised domains. Moreover, list-based techniques fail to detect phishing sites when the target website is not in the whitelist. In this paper, we propose a novel heuristic technique using a twin support vector machine (TWSVM) to detect both maliciously registered phishing sites and sites hosted on compromised servers, overcoming these limitations. Our technique detects phishing websites hosted on compromised domains by comparing the log-in page and the home page of the visited website. Hyperlink and URL-based features are used to detect maliciously registered phishing sites. We evaluated several versions of support vector machines (SVMs) for classifying phishing websites and found that the TWSVM classifier outperformed the other versions, with an accuracy of 98.05% and a recall of 98.33%.
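To illustrate the twin-hyperplane idea behind the classifier named in the abstract, the following is a minimal sketch and not the authors' implementation. It uses the least-squares variant of the twin SVM (often called LSTSVM), which replaces the two quadratic programs of the original TWSVM with two linear systems; that substitution, the function names `fit_lstsvm` and `predict_lstsvm`, the parameters `c1`, `c2`, `eps`, and the toy 2-D vectors standing in for hyperlink and URL-based features are all assumptions made for illustration.

```python
import numpy as np


def fit_lstsvm(A, B, c1=1.0, c2=1.0, eps=1e-8):
    """Fit two non-parallel hyperplanes (least-squares twin SVM sketch).

    A: samples of class +1, shape (m1, n).
    B: samples of class -1, shape (m2, n).
    Returns (w1, b1, w2, b2): plane 1 lies close to class +1,
    plane 2 lies close to class -1.
    """
    A = np.asarray(A, dtype=float)
    B = np.asarray(B, dtype=float)
    # Augment with a column of ones so the bias is solved jointly with w.
    E = np.hstack([A, np.ones((A.shape[0], 1))])
    F = np.hstack([B, np.ones((B.shape[0], 1))])
    # Small ridge term (an assumption) keeps the systems well conditioned.
    ridge = eps * np.eye(E.shape[1])
    # Plane 1: near class +1, pushed to roughly unit distance from class -1.
    u = -np.linalg.solve(F.T @ F + (E.T @ E) / c1 + ridge,
                         F.T @ np.ones(F.shape[0]))
    # Plane 2: near class -1, pushed to roughly unit distance from class +1.
    v = np.linalg.solve(E.T @ E + (F.T @ F) / c2 + ridge,
                        E.T @ np.ones(E.shape[0]))
    return u[:-1], u[-1], v[:-1], v[-1]


def predict_lstsvm(X, w1, b1, w2, b2):
    """Assign each row of X to the class whose hyperplane is nearer."""
    X = np.asarray(X, dtype=float)
    d1 = np.abs(X @ w1 + b1) / np.linalg.norm(w1)
    d2 = np.abs(X @ w2 + b2) / np.linalg.norm(w2)
    return np.where(d1 <= d2, 1, -1)


# Hypothetical toy data: two well-separated clusters of 2-D feature vectors.
A_toy = [[0, 0], [1, 0], [0, 1], [1, 1]]   # class +1
B_toy = [[5, 5], [6, 5], [5, 6], [6, 6]]   # class -1
model = fit_lstsvm(A_toy, B_toy)
labels = predict_lstsvm([[0.5, 0.5], [5.5, 5.5]], *model)
```

Unlike a standard SVM, which fits one separating hyperplane, this family of classifiers fits one hyperplane per class and labels a sample by whichever plane is closer. Which label denotes phishing is left open here, since the abstract does not fix a convention.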



Title: A heuristic technique to detect phishing websites using TWSVM classifier
Authors: Routhu Srinivasa Rao
Alwyn Roshan Pais
Pritam Anand
Publication date: 24 September 2020
Publisher: Springer London
Published in: Neural Computing and Applications / Issue 11/2021
Print ISSN: 0941-0643
Electronic ISSN: 1433-3058
DOI: https://doi.org/10.1007/s00521-020-05354-z

