2017 | OriginalPaper | Book chapter

Phishing Website Detection Based on Effective CSS Features of Web Pages

Written by: Jian Mao, Wenqian Tian, Pei Li, Tao Wei, Zhenkai Liang

Published in: Wireless Algorithms, Systems, and Applications

Publisher: Springer International Publishing

Abstract

In a web-based phishing attack, an attacker sets up scam web pages to deceive users into entering their sensitive information. The appearance of web pages plays an important role in deceiving users, and thus is a critical metric for detecting phishing web sites. In this paper, we propose a robust phishing page detection mechanism based on web pages’ visual similarity. To measure the similarity of the suspicious pages and victim pages accurately, we extract features from the Cascading Style Sheets (CSS) of web pages, and select the effective feature sets for similarity rating. We prototyped our approach in the Google Chrome browser and used it to analyze suspicious web pages. The proof-of-concept implementation verifies the effectiveness of our algorithm with a low performance overhead.

Metadata

Title: Phishing Website Detection Based on Effective CSS Features of Web Pages

Written by: Jian Mao, Wenqian Tian, Pei Li, Tao Wei, Zhenkai Liang

Copyright year: 2017

DOI: https://doi.org/10.1007/978-3-319-60033-8_68