Skip to main content
Erschienen in: Neural Computing and Applications 2/2014

01.08.2014 | Original Article

Predicting phishing websites based on self-structuring neural network

verfasst von: Rami M. Mohammad, Fadi Thabtah, Lee McCluskey

Erschienen in: Neural Computing and Applications | Ausgabe 2/2014

Einloggen

Aktivieren Sie unsere intelligente Suche um passende Fachinhalte oder Patente zu finden.

search-config
loading …

Abstract

Internet has become an essential component of our everyday social and financial activities. Nevertheless, internet users may be vulnerable to different types of web threats, which may cause financial damages, identity theft, loss of private information, brand reputation damage and loss of customer’s confidence in e-commerce and online banking. Phishing is considered as a form of web threats that is defined as the art of impersonating a website of an honest enterprise aiming to obtain confidential information such as usernames, passwords and social security number. So far, there is no single solution that can capture every phishing attack. In this article, we proposed an intelligent model for predicting phishing attacks based on artificial neural network particularly self-structuring neural networks. Phishing is a continuous problem where features significant in determining the type of web pages are constantly changing. Thus, we need to constantly improve the network structure in order to cope with these changes. Our model solves this problem by automating the process of structuring the network and shows high acceptance for noisy data, fault tolerance and high prediction accuracy. Several experiments were conducted in our research, and the number of epochs differs in each experiment. From the results, we find that all produced structures have high generalization ability.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Literatur
1.
Zurück zum Zitat Liu J, Ye Y (2001) Introduction to E-commerce agents: marketplace solutions, security issues, and supply and demand. In: E-commerce agents, marketplace solutions, security issues, and supply and demand, London, UK Liu J, Ye Y (2001) Introduction to E-commerce agents: marketplace solutions, security issues, and supply and demand. In: E-commerce agents, marketplace solutions, security issues, and supply and demand, London, UK
5.
Zurück zum Zitat Dhamija R, Tygar JD, Hearst M (2006) Why phishing works. In: Proceedings of the SIGCHI conference on human factors in computing systems, Cosmopolitan Montréal, Canada Dhamija R, Tygar JD, Hearst M (2006) Why phishing works. In: Proceedings of the SIGCHI conference on human factors in computing systems, Cosmopolitan Montréal, Canada
6.
Zurück zum Zitat Cranor LF (2008) A framework for reasoning about the human in the loop. In: UPSEC’08 Proceedings of the 1st conference on usability, psychology, and security, Berkeley, CA, USA Cranor LF (2008) A framework for reasoning about the human in the loop. In: UPSEC’08 Proceedings of the 1st conference on usability, psychology, and security, Berkeley, CA, USA
7.
Zurück zum Zitat Miyamoto D, Hazeyama H, Kadobayashi Y (2008) An evaluation of machine learning-based methods for detection of phishing sites. Aust J Intell Inf Process Syst 10(2):54–63 Miyamoto D, Hazeyama H, Kadobayashi Y (2008) An evaluation of machine learning-based methods for detection of phishing sites. Aust J Intell Inf Process Syst 10(2):54–63
8.
Zurück zum Zitat Xiang G, Hong J, Rose CP, Cranor L (2011) CANTINA+: a feature-rich machine learning framework for detecting phishing web sites. ACM Trans Inf Syst Secur 14(2):1–28 Xiang G, Hong J, Rose CP, Cranor L (2011) CANTINA+: a feature-rich machine learning framework for detecting phishing web sites. ACM Trans Inf Syst Secur 14(2):1–28
9.
Zurück zum Zitat Witten IH, Frank E (2002) Data mining: practical machine learning tools and techniques with Java implementations. ACM, New York, NY Witten IH, Frank E (2002) Data mining: practical machine learning tools and techniques with Java implementations. ACM, New York, NY
10.
Zurück zum Zitat Zhang Y, Hong J, Cranor L (2007) CANTINA: a content-based approach to detect phishing web sites. In: Proceedings of the 16th world wide web conference, Banff, Alberta, Canada Zhang Y, Hong J, Cranor L (2007) CANTINA: a content-based approach to detect phishing web sites. In: Proceedings of the 16th world wide web conference, Banff, Alberta, Canada
11.
Zurück zum Zitat Widrow B, Lehr MA (1990) 30 years of adaptive neural networks: perceptron, Madaline, and backpropagation. In: Proceedings of the IEEE, vol 78, no 9, pp 1415–1442CrossRef Widrow B, Lehr MA (1990) 30 years of adaptive neural networks: perceptron, Madaline, and backpropagation. In: Proceedings of the IEEE, vol 78, no 9, pp 1415–1442CrossRef
12.
Zurück zum Zitat Basheer I, Hajmeer M (2000) Artificial neural networks: fundamentals, computing, design, and application. J Microbiol Methods 43(1):3–31 Basheer I, Hajmeer M (2000) Artificial neural networks: fundamentals, computing, design, and application. J Microbiol Methods 43(1):3–31
13.
Zurück zum Zitat Aburrous M, Hossain MA, Dahal K, Fadi T (2010) Predicting phishing websites using classification mining techniques. In: Seventh international conference on information technology, Las Vegas, Nevada, USA Aburrous M, Hossain MA, Dahal K, Fadi T (2010) Predicting phishing websites using classification mining techniques. In: Seventh international conference on information technology, Las Vegas, Nevada, USA
14.
Zurück zum Zitat Thabtah F, Peter C, Peng Y (2005) MCAR: multi-class classification based on association rule. In: The 3rd ACS/IEEE international conference on computer systems and applications Thabtah F, Peter C, Peng Y (2005) MCAR: multi-class classification based on association rule. In: The 3rd ACS/IEEE international conference on computer systems and applications
15.
Zurück zum Zitat Hu K, Lu Y, Zhou L, Shi C (1998) Integrating classification and association rule mining. In: Proceedings of the fourth international conference on knowledge discovery and data mining (KDD-98, plenary presentation), New York, USA Hu K, Lu Y, Zhou L, Shi C (1998) Integrating classification and association rule mining. In: Proceedings of the fourth international conference on knowledge discovery and data mining (KDD-98, plenary presentation), New York, USA
16.
Zurück zum Zitat Quinlan JR (1996) Improved use of continuous attributes in c4.5. J Artif Intell Res 4:77–90MATH Quinlan JR (1996) Improved use of continuous attributes in c4.5. J Artif Intell Res 4:77–90MATH
17.
Zurück zum Zitat Cendrowska J (1987) PRISM: an algorithm for inducing modular rule. Int J Man-Mach Stud 27(4):349–370CrossRefMATH Cendrowska J (1987) PRISM: an algorithm for inducing modular rule. Int J Man-Mach Stud 27(4):349–370CrossRefMATH
18.
Zurück zum Zitat Aburrous M, Hossain MA, Dahal K, Thabtah F (2010) Intelligent phishing detection system for e-banking using fuzzy data mining. Expert Syst Appl Int J 37(12):7913–7921CrossRef Aburrous M, Hossain MA, Dahal K, Thabtah F (2010) Intelligent phishing detection system for e-banking using fuzzy data mining. Expert Syst Appl Int J 37(12):7913–7921CrossRef
19.
Zurück zum Zitat Sodiya AS, Onashoga SA, Oladunjoye BA (2007) Threat modeling using fuzzy logic paradigm. In: Issues in Informing Science and Information Technology, vol 4 Sodiya AS, Onashoga SA, Oladunjoye BA (2007) Threat modeling using fuzzy logic paradigm. In: Issues in Informing Science and Information Technology, vol 4
20.
Zurück zum Zitat Pan Y, Ding X (2006) Anomaly based web phishing page detection. In: ACSAC ‘06: Proceedings of the 22nd annual computer security applications conference, Washington, DC Pan Y, Ding X (2006) Anomaly based web phishing page detection. In: ACSAC ‘06: Proceedings of the 22nd annual computer security applications conference, Washington, DC
22.
Zurück zum Zitat Cortes C, Vapnik V (1995) Support-vector networks. Machine Learning 20(3):273–297MATH Cortes C, Vapnik V (1995) Support-vector networks. Machine Learning 20(3):273–297MATH
23.
Zurück zum Zitat Manning CD, Raghavan P, Schütze H (2008) Introduction to information retrieval. Cambridge University Press, CambridgeCrossRefMATH Manning CD, Raghavan P, Schütze H (2008) Introduction to information retrieval. Cambridge University Press, CambridgeCrossRefMATH
24.
Zurück zum Zitat Sanglerdsinlapachai N, Rungsawang A (2010) Using domain top-page similarity feature in machine learning-based web. In: Third international conference on knowledge discovery and data mining, Washington, DC Sanglerdsinlapachai N, Rungsawang A (2010) Using domain top-page similarity feature in machine learning-based web. In: Third international conference on knowledge discovery and data mining, Washington, DC
25.
Zurück zum Zitat Sadeh N, Tomasic A, Fette I (2007) Learning to detect phishing emails. In: Proceedings of the 16th international conference on World Wide Web, pp 649–656 Sadeh N, Tomasic A, Fette I (2007) Learning to detect phishing emails. In: Proceedings of the 16th international conference on World Wide Web, pp 649–656
27.
Zurück zum Zitat Wenyin L, Huang G, Xiaoyue L, Min Z, Deng X (2005) Detection of phishing webpages based on visual similarity. In: Proceeding WWW ‘05 Special interest tracks and posters of the 14th international conference on World Wide Web, New York, NY Wenyin L, Huang G, Xiaoyue L, Min Z, Deng X (2005) Detection of phishing webpages based on visual similarity. In: Proceeding WWW ‘05 Special interest tracks and posters of the 14th international conference on World Wide Web, New York, NY
28.
Zurück zum Zitat Dhamija R, Tygar JD (2005) The battle against phishing: dynamic security skins. In: Proceedings of the 1st symposium on usable privacy and security, New York, NY Dhamija R, Tygar JD (2005) The battle against phishing: dynamic security skins. In: Proceedings of the 1st symposium on usable privacy and security, New York, NY
29.
Zurück zum Zitat Horng S-J, Fan P, Khan MK, Run R-S, Lai J-L, Chen R-J, Sutanto A, Mingxing H (2011) An efficient phishing webpage detector. Expert Syst Appl Int J 38(10):12018–12027CrossRef Horng S-J, Fan P, Khan MK, Run R-S, Lai J-L, Chen R-J, Sutanto A, Mingxing H (2011) An efficient phishing webpage detector. Expert Syst Appl Int J 38(10):12018–12027CrossRef
30.
Zurück zum Zitat Mohammad RM, Thabtah F, McCluskey L (2012) An assessment of features related to phishing websites using an automated technique. In: The 7th international conference for internet technology and secured transactions (ICITST-2012), London Mohammad RM, Thabtah F, McCluskey L (2012) An assessment of features related to phishing websites using an automated technique. In: The 7th international conference for internet technology and secured transactions (ICITST-2012), London
35.
Zurück zum Zitat Liu W, Deng X, Huang G, Fu AY (2006) An antiphishing strategy based on visual similarity assessment. In: IEEE educational activities Department Piscataway, NJ, USA Liu W, Deng X, Huang G, Fu AY (2006) An antiphishing strategy based on visual similarity assessment. In: IEEE educational activities Department Piscataway, NJ, USA
37.
Zurück zum Zitat Nabhan TM, Zomaya AY (1994) Toward generating neural network structures for function approximation. Neural Netw 7(1):89–99CrossRef Nabhan TM, Zomaya AY (1994) Toward generating neural network structures for function approximation. Neural Netw 7(1):89–99CrossRef
38.
Zurück zum Zitat Hutchins RG (1995) Neural network topologies and training algorithms in nonlinear system identification. In: Systems, man and cybernetics. IEEE international conference on intelligent systems for the 21st century, Monterey, CA Hutchins RG (1995) Neural network topologies and training algorithms in nonlinear system identification. In: Systems, man and cybernetics. IEEE international conference on intelligent systems for the 21st century, Monterey, CA
39.
Zurück zum Zitat Jacek ZM (1994) Introduction to artificial neural systems. Jaico Publishing House, India Jacek ZM (1994) Introduction to artificial neural systems. Jaico Publishing House, India
40.
Zurück zum Zitat Kantardzic M (2011) Data mining: concepts, models, methods, and algorithms, 2nd edn. Wiley, USACrossRef Kantardzic M (2011) Data mining: concepts, models, methods, and algorithms, 2nd edn. Wiley, USACrossRef
Metadaten
Titel
Predicting phishing websites based on self-structuring neural network
verfasst von
Rami M. Mohammad
Fadi Thabtah
Lee McCluskey
Publikationsdatum
01.08.2014
Verlag
Springer London
Erschienen in
Neural Computing and Applications / Ausgabe 2/2014
Print ISSN: 0941-0643
Elektronische ISSN: 1433-3058
DOI
https://doi.org/10.1007/s00521-013-1490-z

Weitere Artikel der Ausgabe 2/2014

Neural Computing and Applications 2/2014 Zur Ausgabe