Browse > Article
http://dx.doi.org/10.3745/KTCCS.2015.4.10.349

Phishing Detection Methodology Using Web Sites Heuristic  

Lee, Jin Lee (건국대학교 컴퓨터공학과)
Park, Doo Ho (한국정보통신기술협회)
Lee, Chang Hoon (건국대학교 컴퓨터공학과)
Publication Information
KIPS Transactions on Computer and Communication Systems / v.4, no.10, 2015 , pp. 349-360 More about this Journal
Abstract
In recent year, phishing attacks are flooding with services based on the web technology. Phishing is affecting online security significantly day by day with the vulnerability of web pages. To prevent phishing attacks, a lot of anti-phishing techniques has been made with their own advantages and dis-advantages respectively, but the phishing attack has not been eradicated completely yet. In this paper, we have studied phishing in detail and categorize a process of phishing attack in two parts - Landing-phase, Attack-phase. In addition, we propose an phishing detection methodology based on web sites heuristic. To extract web sites features, we focus on URL and source codes of web sites. To evaluate performance of the suggested method, set up an experiment and analyze its results. Our methodology indicates the detection accuracy of 98.9% with random forest algorithm. The evaluation of proof-of-concept reveals that web site features can be used for phishing detection.
Keywords
Phishing; Anti-Phishing; Heuristic;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 Korea Internet and Security Agency [Internet], http://isis.kisa.or.kr/ebook/ebook.html.
2 Korea Internet and Security Agency. Internet & Security Focus [Internet], https://www.krcert.or.kr/kor/data/reportList.jsp, Nov., 2014.
3 Korea Communications Commission [Internet], https://www.kisdi.re.kr/kisdi/common/premium?file=1%7C12940.
4 APWG, "Phishing Activity Trends Report 1st Quarter 2014," Jun., 2014.
5 APWG, "Global Phishing Survey: Trends and Domain Name Use in 1H2014," Oct., 2014.
6 Telecommunications Technology Association [Internet], http: //word.tta.or.kr.
7 Gaurav Kumar Chaudhary, "Development Review on Phishing: A Computer Security Threat," International Journal of Advance Research in Computer Science and Management Studies, Vol.2, No.8, pp.55-64, 2014.
8 M. Nazreen Banu and S. Munawara Banu, "A Comprehensive Study of Phishing Attacks," International Journal of Computer Science and Information Technologies, Vol.4, No.6, pp.783-786, 2013.
9 Trend Micro Inc., "Spear-Phishing Email: Most Favored APT Attack Bait," Trend Micro Incorporated Research Paper, 2012.
10 Joongang Ilbo [Internet], http://life.joins.com/news/article/article.asp?Total_ID=16844310&ctg=12&sid=6692.
11 Thomas Nagunwa, "Behind Identity Theft and Fraud in Cyberspace: The Current Landscape of Phishing Vectors," International Journal of Cyber-Security and Digital Forensics (IJCSDF), Vol.3, No.1, pp.72-83, 2014.
12 PG Research Group, et al., "The Web Identity Prevention: Factors to Consider in The Anti-Phishing Design," International Journal of Engineering Science and Technology, Vol.2, No.7, pp.2807-2812, 2010.
13 JooHyung Oh, ChaeTae Im, and HyunCheol Jeong, "Technical Trends and Response Methods of Drive-by Download," Communications of the Korean Institute of Information Scientists and Engineer, Vol.28, No.11, pp.112-116, 2010.
14 The Open Web Application Security Project. Man-in-themiddle attack [Internet], https://www.owasp.org/index.php?title=Man-in-the-middle_attack&setlang=en.
15 Korea Internet and Security Agency, KISA [Internet], http://boho.or.kr/upload/file/EpF850.pdf.
16 Korea Internet and Security Agency, INTERNET & SECURIT Y FOCUS [Internet], http://www.kisa.or.kr/uploadfile/201502/201502061010089938.pdf, Jan., 2015.
17 Firdous Kausar, et al., "Hybrid Client Side Phishing Websites Detection Approach," International Journal of Advanced Computer Science and Applications (IJACSA), Vol.5, No.7, pp.132-140, 2014.
18 Guang Xiang, et al., "Cantina+: A feature-rich machine learning framework for detecting phishing web sites," ACM Transactions on Information and System Security (TISSEC), Vol.14, No.2, pp.21, 2011.
19 Imtithal A. Saeed, et al., "A Survey on Malware and Malware Detection Systems," International Journal of Computer Applications, Vol.67, No.16, pp.25-31, 2013.   DOI
20 Luong Anh Tuan Nguyen, et al., "A novel approach for phishing detection using URL-based heuristic," Computing, Management and Telecommunications (ComManTel), 2014 International Conference on. IEEE, pp.298-303, 2014.
21 A. Naga Venkata Sunil and Anjali Sardana, "A pagerank based detection technique for phishing web sites," Computers & Informatics(ISCI), 2012 IEEE Symposium on. IEEE, pp.58-63, 2012.
22 Neda Abdelhamid, et al., "Phishing detection based Associative Classification data mining," Expert Systems with Applications, Vol.41, No.13, pp.5948-5959, 2014.   DOI
23 R. Gowtham and Ilango Krishnamurthi, "A comprehensive and efficacious architecture for detecting phishing webpages," Computers & Security, Vol.40, pp.23-37, 2014.   DOI
24 Davide Canali, et al., "Prophiler: a fast filter for the largescale detection of malicious web pages," in Proceedings of the 20th international conference on World Wide Web, ACM, pp.197-206, 2011.
25 Ammar Almomani, et al., "A survey of phishing email filtering techniques," IEEE Communications Surveys & Tutorials, Vol.15, No.4, pp.2070-2090, 2013.   DOI
26 Christian Ludl, et al., "On the effectiveness of techniques to detect phishing sites," Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA 2007), pp.20-39, 2007.
27 Rami M. Mohammad, et al., "Intelligent rule-based phishing websites classification," The Institution of Engineering and Technology. Information Security, Vol.8, No.3, pp.153-160, 2014.
28 H. B. Kazemian and S. Ahmed, "Comparisons of machine learning techniques for detecting malicious webpages," Expert Systems with Applications, Vol.42, No.3, pp.1166-1177, 2015.   DOI
29 Yue Zhang, et al., "Cantina: a content-based approach to detecting phishing web sites," WWW '07 Proceedings of the 16th international conference on World Wide Web. ACM, pp.639-648, 2007.
30 Hwang, Young Sup, et al., "Classifying malicious web pages by using an adaptive support vector machine," Journal of Information Processing Systems, Vol.9, No.3, pp.395-404, 2013.   DOI
31 Ram Basnet, et al., "Detection of phishing attacks: A machine learning approach," Soft Computing Applications in Industry, Springer Berlin Heidelberg, pp.373-383, 2008.
32 Vibhuti Patel and Hasmukh Patel, "Safe Internet Browsing Using Heuristic Based Technique," International Journal of Engineering Development and Research(IJEDR), Vol.2, No.2, pp.1759-1766, 2014.
33 Yung-Tsung Hou, et al., "Malicious web content detection by machine learning," Expert Systems with Applications, Vol.37, No.1, pp.55-60, 2010.   DOI
34 Colin Whittaker, et al., "Large-Scale Automatic Classification of Phishing Pages," NDSS, Vol.10, 2010.
35 V. Santhana Lakshmi and M. S. Vijaya, "Efficient prediction of phishing websites using supervised learning algorithms," Procedia Engineering, Vol.30, pp.798-805, 2012.   DOI
36 Albert Hung-Ren Ko and Robert Sabourin, "Single Classifierbased Multiple Classification Scheme for weak classifiers: An experimental comparison," Expert Systems with Applications, Vol.40, No.9, pp.3606-3622, 2013.   DOI