• DocumentCode
    1809794
  • Title

    PhishAri: Automatic realtime phishing detection on twitter

  • Author

    Aggarwal, A. ; Rajadesingan, A. ; Kumaraguru, Ponnurangam

  • Author_Institution
    Indraprastha Inst. of Inf. Technol., New Delhi, India
  • fYear
    2012
  • fDate
    23-24 Oct. 2012
  • Firstpage
    1
  • Lastpage
    12
  • Abstract
    With the advent of online social media, phishers have started using social networks like Twitter, Facebook, and Foursquare to spread phishing scams. Twitter is an immensely popular micro-blogging network where people post short messages of 140 characters called tweets. It has over 100 million active users who post about 200 million tweets everyday. Phishers have started using Twitter as a medium to spread phishing because of this vast information dissemination. Further, it is difficult to detect phishing on Twitter unlike emails because of the quick spread of phishing links in the network, short size of the content, and use of URL obfuscation to shorten the URL. Our technique, PhishAri, detects phishing on Twitter in realtime. We use Twitter specific features along with URL features to detect whether a tweet posted with a URL is phishing or not. Some of the Twitter specific features we use are tweet content and its characteristics like length, hashtags, and mentions. Other Twitter features used are the characteristics of the Twitter user posting the tweet such as age of the account, number of tweets, and the follower-followee ratio. These twitter specific features coupled with URL based features prove to be a strong mechanism to detect phishing tweets. We use machine learning classification techniques and detect phishing tweets with an accuracy of 92.52%. We have deployed our system for end-users by providing an easy to use Chrome browser extension. The extension works in realtime and classifies a tweet as phishing or safe. In this research, we show that we are able to detect phishing tweets at zero hour with high accuracy which is much faster than public blacklists and as well as Twitter´s own defense mechanism to detect malicious content. We also performed a quick user evaluation of PhishAri in a laboratory study to evaluate the usability and effectiveness of PhishAri and showed that users like and find it convenient to use PhishAri in real-world. To the best of- our knowledge, this is the first realtime, comprehensive and usable system to detect phishing on Twitter.
  • Keywords
    computer crime; information dissemination; learning (artificial intelligence); online front-ends; pattern classification; social networking (online); Chrome browser extension; Facebook; Foursquare; PhishAri effectiveness evaluation; PhishAri usability evaluation; Twitter user account age; Twitter user follower-followee ratio; Twitter user tweet number; URL obfuscation; URL-based features; automatic realtime Twitter phishing detection; information dissemination; machine learning classification techniques; malicious content detection; microblogging network; online social media; phishing scams; short messages; social networks; tweet characteristics; tweet content; tweet hashtags; tweet length; tweet mentions; twitter specific features;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    eCrime Researchers Summit (eCrime), 2012
  • Conference_Location
    Las Croabas
  • ISSN
    2159-1237
  • Print_ISBN
    978-1-4673-2544-8
  • Type

    conf

  • DOI
    10.1109/eCrime.2012.6489521
  • Filename
    6489521