Detection and classification of phishing websites
Article Sidebar
Main Article Content
Abstract
‘Phishing sites’ are some type of the internet security issues that mainly targets the human vulnerabilities compared to software vulnerabilities. Phishing sites are malicious websites that imitate as legitimate websites or web pages and aim to steal user’s personal credentials like user id, password, and financial information. Spotting these phishing websites is typically a challenging task because phishing is mainly a semantics-based attack, that mainly focus on human vulnerabilities, not the network or software vulnerabilities. Phishing can be elaborated as the process of charming users in order to gain their personal credentials like user-id’s and passwords. In this paper, we come up with an intelligent system that can spot the phishing sites. This intelligent system is based on a machine learning model. Our aim through this paper is to stalk a better performance classifier by examining the features of the phishing site and choose appropriate combination of systems for the training of the classifier.
Downloads
Article Details
Copyright (c) 2021 Manoj P, et al.
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
Microsoft. Microsoft Security Index Report.
Yu WD, Nargundkar S, Tiruthani N (2008) A phishing vulnerability analysis of web-based systems. Proceedings of the 13th IEEE Symposium on Computers and Communications (ISCC 2008). Marrakech, Morocco: IEEE 326- 331. Link: https://bit.ly/2VJhDer
Sheng S, Holbrook M, Kumaraguru P, Cranor LF, Downs J (2010) Who falls for phish? a demographic analysis of phishing susceptibility and effectiveness of interventions. In Proceedings of the 28th international conference on Human factors in computing systems, ser. CHI ’10. New York, NY, USA: ACM 373–382. Link: https://bit.ly/2VL0NeA
Sheng S, Wardman B, Warner G, Cranor LF, Hong J, et al. (2009) An empirical analysis of phishing blacklists. In Proceedings of the 6th Conference in Email and Anti-Spam, ser. CEAS’09, Mountain view, CA. Link: https://bit.ly/3Az9TdT
Khonji M, Iraqi Y, Jones A (2013) Phishing detection: a literature survey. IEEE Communications Surveys & Tutorials 15: 2091-2121. Link: https://bit.ly/3CCcfKz
Google (2017) Google safe browsing API.
Prakash P, Kumar M, Kompella RR, Gupta M (2010) Phishnet: predictive blacklisting to detect phishing attacks. In INFOCOM’10: Proceedings of the 29th conference on Information communications. Piscataway, NJ, USA: IEEE Press 346–350. Link: https://bit.ly/3jJkrA2
Cao Y, Han W, Le Y (2008) Anti-phishing based on automated individual whitelist. In DIM ’08: Proceedings of the 4th ACM workshop on Digital identity management. New York, NY, USA: ACM 51–60. Link: https://bit.ly/3fPGnsi
Rbldnsd. Link: https://bit.ly/3s5UFtI
PhishTank. Link: https://bit.ly/37vGa8Z
TechHelpList. Link: https://bit.ly/3jz4Cfa
Alexa. Link: https://bit.ly/3jIDn1U
Cymon. Link: https://bit.ly/3jI2eDa
All Cybercrime IP Feeds by Firehol. Link: https://bit.ly/3Cz3TTX
Volkamer M, Renaud K, Reinheimer B, Kunz A (2017) User experiences of TORPEDO: TOoltip-poweRed Phishing Email DetectiOn. Computers & Security. Link: https://bit.ly/37x2mQ4
Anti-Phishing Working Group (APWG) (2016) Phishing activity trends report — last quarter 2016. Link: https://bit.ly/3lNULVH