New rule-based phishing detection method.
Expert Syst. Appl.(2016)
摘要
We propose two feature sets to determine the webpage identity.Our proposed features do not have any dependency to 3rd-party services.We proposed a rule-based method by extracting the hidden knowledge from our model.We provide an extension called PhishDetector to detect phishing attacks.Experiments show that PhishDetector detects zero-day phishing with high accuracy. In this paper, we present a new rule-based method to detect phishing attacks in internet banking. Our rule-based method used two novel feature sets, which have been proposed to determine the webpage identity. Our proposed feature sets include four features to evaluate the page resources identity, and four features to identify the access protocol of page resource elements. We used approximate string matching algorithms to determine the relationship between the content and the URL of a page in our first proposed feature set. Our proposed features are independent from third-party services such as search engines result and/or web browser history. We employed support vector machine (SVM) algorithm to classify webpages. Our experiments indicate that the proposed model can detect phishing pages in internet banking with accuracy of 99.14% true positive and only 0.86% false negative alarm. Output of sensitivity analysis demonstrates the significant impact of our proposed features over traditional features. We extracted the hidden knowledge from the proposed SVM model by adopting a related method. We embedded the extracted rules into a browser extension named PhishDetector to make our proposed method more functional and easy to use. Evaluating of the implemented browser extension indicates that it can detect phishing attacks in internet banking with high accuracy and reliability. PhishDetector can detect zero-day phishing attacks too.
更多查看译文
关键词
Phishing,Internet banking,Classification,SVM,Sensitivity analysis,Browser extension,Rule-based
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络