DocumentCode :
246785
Title :
Phishing website detection using URL-assisted brand name weighting system
Author :
Choon Lin Tan ; Kang Leng Chiew ; San Nah Sze
Author_Institution :
Fac. of Comput. Sci. & Inf. Technol., Univ. Malaysia Sarawak, Kota Samarahan, Malaysia
fYear :
2014
fDate :
1-4 Dec. 2014
Abstract :
In this paper, we propose an anti-phishing technique to safeguard users against phishing attacks in the internet. The scope of our study focuses primarily on the detection of phishing websites with English content. In order to convince users on whom the website claims to be, phishers normally place brand names in different parts of the URL. We exploit this phishing pattern by assigning weights to words extracted from the HTML content, based on their co-appearance at hostname, path and filenames of URLs. These weights are then added to their corresponding TF-IDF weights. The most probable words are selected and submitted to Yahoo Search to retrieve the highest frequency domain name among the top 30 search results. A WHOIS lookup is conducted to reveal the owner behind the selected domain name. A phishing website can be easily distinguished if the owner of query domain name differs from the owner of domain name returned by the search engine. Experiments conducted over a dataset of phishing and legitimate websites achieves a true positive rate of 98.2% while maintaining a false positive rate of 5.9%. Our findings prove that brand names in HTML content are very effective in detecting phishing websites.
Keywords :
Internet; computer crime; frequency-domain analysis; hypermedia markup languages; search engines; HTML content; Internet; TF-IDF weight; URL-assisted brand name weighting system; WHOIS lookup; antiphishing technique; english content; frequency domain; hostname; phishing Website detection; phishing attack; phishing dataset; query domain; safeguard user; search engine; word extraction; Accuracy; Feature extraction; HTML; Internet; Organizations; Search engines; Uniform resource locators; URL; WHOIS; brand names; phishing detection; search engine;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Intelligent Signal Processing and Communication Systems (ISPACS), 2014 International Symposium on
Conference_Location :
Kuching
Type :
conf
DOI :
10.1109/ISPACS.2014.7024424
Filename :
7024424
Link To Document :
بازگشت