Anti-phishing Methods Research Articles

Illegitimate Websites Detection Using Deep Learning Framework

Phishing is a crime involving robbery of confidential user data. The phishing websites are aimed at individuals, businesses, and cloud storage and government websites. Hardware- based anti-phishing methods are generally used, but software- based approaches are favored because of costs and operational factors. There is no solution to the problem such as zero-day phishing attacks from current phishing detection approaches. A three-phase attack detection called the Phishing Attack Detector based on Web Crawler was proposed to resolve these problems and precisely detect phishing incidences using recurrent neural network. It includes the input features Web traffic, web content and Uniform Resource Locator (URL) based on the classification of phishing and non-phishing pages

Detecting Phishing Links Analysis using Machine Learning

This proposed strategy for identifying phishing websites employed the Gradient Boosting Classifier model, focusing on various aspects of URL significance. By meticulously extracting and comparing different characteristics between legitimate and phishing URLs, our approach leverages the Gradient Boosting Classifier to identify phishing URLs effectively. The study's findings underscore the successful application of our suggested approach in real-time, demonstrating its ability to distinguish between legitimate and bogus websites. Given the relentless evolution of phishing techniques facilitated by advancing technology, employing anti-phishing methods is imperative. Phishing attacks, which often rely on deceptive websites closely resembling genuine ones in appearance and language, pose a significant threat. Machine learning emerges as a robust tool in thwarting such assaults, offering the ability to discern subtle patterns indicative of malicious intent. Phishing remains a preferred tactic for attackers due to its effectiveness in bypassing traditional security measures. By duping unsuspecting users into clicking seemingly authentic yet malicious links, attackers exploit human vulnerability, highlighting the importance of proactive detection mechanisms. In this context, our utilization of the Gradient Boosting Classifier underscores the efficacy of machine learning in fortifying defenses against phishing attacks. As cyber threats evolve, embracing innovative approaches like machine learning becomes essential in safeguarding against emerging risks.

HyperFusion: Combating Phishing Attacks through URL, Hyperlink, and User Behavior Analysis

Abstract: Phishing attacks remain a persistent threat in cyberspace, demanding innovative solutions for timely detection. In this paper, HyperFusion, a pioneering approach that combines machine learning with user behavior analysis, is introduced to enhance the real-time identification of phishing websites. By integrating features derived from URL and hyperlink characteristics with dynamic user interaction patterns, HyperFusion achieves unprecedented accuracy without reliance on thirdparty systems. Traditional anti-phishing methods often falter against zero-hour attacks or novel phishing websites, underscoring the need for novel strategies. The methodology addresses this challenge by leveraging user behavior data alongside client-side information, thereby eliminating external dependencies and fortifying defense mechanisms. Additionally, a tailored dataset for rigorous experimentation is presented, facilitating a comprehensive evaluation of the approach. Experimental results demonstrate HyperFusion's superior efficacy, boasting a remarkable detection accuracy of 99.37% with the XG Boost technique.

A Survey of Machine Learning-Based Solutions for Phishing Website Detection

With the development of the Internet, network security has aroused people’s attention. It can be said that a secure network environment is a basis for the rapid and sound development of the Internet. Phishing is an essential class of cybercriminals which is a malicious act of tricking users into clicking on phishing links, stealing user information, and ultimately using user data to fake logging in with related accounts to steal funds. Network security is an iterative issue of attack and defense. The methods of phishing and the technology of phishing detection are constantly being updated. Traditional methods for identifying phishing links rely on blacklists and whitelists, but this cannot identify new phishing links. Therefore, we need to solve how to predict whether a newly emerging link is a phishing website and improve the accuracy of the prediction. With the maturity of machine learning technology, prediction has become a vital ability. This paper offers a state-of-the-art survey on methods for phishing website detection. It starts with the life cycle of phishing, introduces common anti-phishing methods, mainly focuses on the method of identifying phishing links, and has an in-depth understanding of machine learning-based solutions, including data collection, feature extraction, modeling, and evaluation performance. This paper provides a detailed comparison of various solutions for phishing website detection.

Improving the phishing website detection using empirical analysis of Function Tree and its variants

The phishing attack is one of the most complex threats that have put internet users and legitimate web resource owners at risk. The recent rise in the number of phishing attacks has instilled distrust in legitimate internet users, making them feel less safe even in the presence of powerful antivirus apps. Reports of a rise in financial damages as a result of phishing website attacks have caused grave concern. Several methods, including blacklists and machine learning-based models, have been proposed to combat phishing website attacks. The blacklist anti-phishing method has been faulted for failure to detect new phishing URLs due to its reliance on compiled blacklisted phishing URLs. Many ML methods for detecting phishing websites have been reported with relatively low detection accuracy and high false alarm. Hence, this research proposed a Functional Tree (FT) based meta-learning models for detecting phishing websites. That is, this study investigated improving the phishing website detection using empirical analysis of FT and its variants. The proposed models outperformed baseline classifiers, meta-learners and hybrid models that are used for phishing websites detection in existing studies. Besides, the proposed FT based meta-learners are effective for detecting legitimate and phishing websites with accuracy as high as 98.51% and a false positive rate as low as 0.015. Hence, the deployment and adoption of FT and its meta-learner variants for phishing website detection and applicable cybersecurity attacks are recommended.

Detecting the Phishing Attack Using Collaborative Approach and Secure Login through Dynamic Virtual Passwords

User data protection is a major problem in the technical world. To get critical data from people such as bank account, credit card details and passwords, fraudulent people use different techniques for their advantages. Misuse of user credentials affects many industry sectors day by day. The fraudulent practice where more people connected to a network revealing sensitive data of individual, group or a company of legitimate sources called phishing. The aids for the hackers are forged websites and emails which look similar as original. There are different anti-phishing methods are proposed which follows various methods, to protect users against phishing. Proposed technique has detection of phishing at various stages. It contains incoming mail analysis for its feature as well as source. If mail has link to webpage, that cautious webpage is checked for its legitimateness. It is examined by using two methods. For popular sites, webpage content is compared with content of known legitimate site. The second step is to find whether any cautious site is increasingly dependable on any related pages to calculate relationship strength indirectly or directly associated pages. To protect from phishing attacks, these techniques uses virtual passwords for logging into sites.

Detecting Phishing SMS Based on Multiple Correlation Algorithms.

The SMS phishing is another method where the phisher operates the SMS as a medium to communicate with the victims and this method is identified as smishing (SMS + phishing). Researchers promoted several anti-phishing methods where the correlation algorithm is applied to explore the relevancy of the features since there are numerous features in the features corpus. The correlation algorithm assesses the rank of the features that is the highest rank leads to the more relevant to the appropriate assignment. Therefore, this paper analyses four rank correlation algorithms particularly Pearson rank correlation, Spearman’s rank correlation, Kendall rank correlation, and Point biserial rank correlation with a machine-learning algorithm to determine the best features set for detecting Smishing messages. The result of the investigation reveals that the AdaBoost classifier offered better accuracy. Further analysis shows that the classifier with the ranking algorithm that is Kendall rank correlation appeared superior accuracy than the other correlation algorithms. The inferred of this experiment confirms that the ranking algorithm was able to reduce the dimension of features with 61.53% and presented an accuracy of 98.40%.

Phishing Attack Detection using a Search Engine and Heuristics-based Technique

The language used in the textual content of the webpage is the barrier in most of the existing anti-phishing methods. Most of the existing anti-phishing methods can identify the fake webpages written in the English language only. Therefore, we present a search engine-based method in this article, which identifies phishing webpages accurately regardless of the textual language used within the webpage. The proposed search engine-based method uses a lightweight, consistent and language independent search query to detect the legality of the suspicious URL. We have also integrated five heuristics with the search engine-based mechanism to improve the detection accuracy, as some newly created legitimate sites may not appear in the search engine. The proposed method can also correctly classify the newly created legitimate sites that are not classified by available search engine-based methods. Evaluation results show that our method outperforms the available search-based techniques and achieves 98.15% TPR of and only 0.05% FPR.

An Efficient Antiphishing Method to Secure eConsume

In this paper, an antiphishing method, called resource request based phishing discovery (RRPD), has been discussed. By analyzing the resources request characteristics of phishing websites, this method can be used on both the client and server sides. On the client side, client RRPD can be used by the web browser for phishing sites detection. On the server side, server RRPD based on the domain name system dataflow can discover the suspicious phishing sites by analyzing a small amount of web content, which saves bandwidth and computing resources to the utmost. Experimental results demonstrate the effectiveness of the proposed methods.

Visualisation Model Based on Phishing Features

The numbers of online purchases and electronic banking transactions have increased substantially in the era of electronic business and mobile commerce. These online financial activities have attracted a special web threat called “phishing” that targets Internet users by seeking their credentials in order to access their financial information. Phishing involves impersonating a legitimate website by creating a visually similar fake website to deceive users. In the last decade different solutions to fight phishing that are primarily based on educating users, user’s experience, search methods, machine learning and features similarity have been developed. This paper combines computational intelligence along with user’s experience approaches to develop an anti-phishing visualisation method. Our method employs effective features chosen following thorough analysis on features scores generated by Correlation Feature Set and Information Gain processing techniques. We validate our anti-phishing features using classification systems produced by rule induction data mining approach. False positives, false negatives and phishing detection rate are the basis of evaluating the classification systems to measure our anti-phishing methods features’ integrity.

Phishing Websites Detection Using Data Mining Classification Model

Phishing is a significant security threat to the Internet; it is an electronic online identity theft in which the attackers use spoofing techniques like fake websites that mimic legal websites to trick users into revealing their private information. Many of successful phishing attacks do exist and subsequently a considerable number of anti-phishing methods have been proposed. However, they vary in terms of their accuracy and error rate. This paper proposes an algorithm for phishing websites detection using data mining classification model. It is implemented and experimented using a dataset composed of 20 different webpage features and 1,000 instances. The experimental results showed that the proposed algorithm outperforms the original one in terms of the number of classification rules, accuracy (87%) and less error rate (0.1 %).

Enhancing Predictive Analytics for Anti-Phishing by Exploiting Website Genre Information

Phishing websites continue to successfully exploit user vulnerabilities in household and enterprise settings. Existing anti-phishing tools lack the accuracy and generalizability needed to protect Internet users and organizations from the myriad of attacks encountered daily. Consequently, users often disregard these tools’ warnings. In this study, using a design science approach, we propose a novel method for detecting phishing websites. By adopting a genre theoretic perspective, the proposed genre tree kernel method utilizes fraud cues that are associated with differences in purpose between legitimate and phishing websites, manifested through genre composition and design structure, resulting in enhanced anti-phishing capabilities. To evaluate the genre tree kernel method, a series of experiments were conducted on a testbed encompassing thousands of legitimate and phishing websites. The results revealed that the proposed method provided significantly better detection capabilities than state-of-the-art anti-phishing methods. An additional experiment demonstrated the effectiveness of the genre tree kernel technique in user settings; users utilizing the method were able to better identify and avoid phishing websites, and were consequently less likely to transact with them. Given the extensive monetary and social ramifications associated with phishing, the results have important implications for future anti-phishing strategies. More broadly, the results underscore the importance of considering intention/purpose as a critical dimension for automated credibility assessment: focusing not only on the “what” but rather on operationalizing the “why” into salient detection cues.

A Survey of Phishing Attack Techniques

Now in a day’s phishing is a special type of network attack where the attacker creates a replica of an existing web page to fool users in to submitting personal, financial, transaction or password data to what they think is their service provider’s website. Phishing has two techniques, deceptive phishing and malware – based phishing. Here we focus on deceptive phishing using social engineering schemes. To protect users against phishing, various anti-phishing techniques have been proposed. In this paper we have reviewed various phishing and anti-phishing methods for detecting and preventing phishing attack.

Antiphishing through Phishing Target Discovery

Phishing attacks are growing in both volume and sophistication. The antiphishing method described here collects webpages with either a direct or indirect association with a given suspicious webpage. This enables the discovery of a webpage's so-called community and then ultimately its phishing target - that is, the page with the strongest parasitic relationship to the suspicious webpage. Finding this target lets users determine whether the given webpage is a phishing page.

An intelligent anti-phishing solution: password-transaction secure window

Current phishing attacks cause serious problems to both organisations and users. Phishing attackers try to steal the confidential information of the users such as their username, password etc. Phishing is done either by e-mails or instant messaging or by a spoofed website which is an exact replica of original one. It is very difficult to distinguish fake websites and legitimate websites. Homograph attacks help in phishing and make it more difficult for users to identify them. Some malware like key-loggers also help to steal the crucial information. A different type of malware called transaction generator (TG) is also used by attackers. Instead of passing the confidential information to attackers, a TG waits until users login into their accounts and then does the transaction illegally in the background. In this paper, we present several anti-phishing methods with their pros and cons. In addition, we propose an intelligent anti-phishing solution named Password-Transaction Secure Window (PTSW) in order to secure users and their personal information. The PTSW is a cheap and efficient solution against password and transaction attacks.