Search:
Computing and Library Services - delivering an inspiring information environment

An Assessment of Features Related to Phishing Websites using an Automated Technique

Mohammad, Rami, McCluskey, T.L. and Thabtah, Fadi Abdeljaber (2012) An Assessment of Features Related to Phishing Websites using an Automated Technique. In: International Conferece For Internet Technology And Secured Transactions. ICITST 2012 . IEEE, London, UK, pp. 492-497. ISBN 978-1-4673-5325-0

[img] PDF - Accepted Version
Download (664kB)

Abstract

Corporations that offer online trading can achieve a competitive edge by serving worldwide clients. Nevertheless, online trading faces many obstacles such as the unsecured money orders. Phishing is considered a form of internet crime that is defined as the art of mimicking a website of an honest enterprise aiming to acquire confidential information such as usernames, passwords and social security number. There are some characteristics that distinguish phishing websites from legitimate ones such as long URL, IP address in URL, adding prefix and suffix to domain and request URL, etc. In this paper, we explore important features that are automatically extracted from websites using a new tool instead of relying on an experienced human in the extraction process and then judge on the features importance in deciding website legitimacy. Our research aims to develop a group of features that have been shown to be sound and effective in predicting phishing websites and to extract those features according to new scientific precise rules.

▼ Jump to Download Statistics
Item Type: Book Chapter
Uncontrolled Keywords: Website features, Phishing, Security, Rule, features extraction.
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Schools: School of Computing and Engineering
School of Computing and Engineering > High-Performance Intelligent Computing > Planning, Autonomy and Representation of Knowledge
School of Computing and Engineering > High-Performance Intelligent Computing > Planning, Autonomy and Representation of Knowledge
Related URLs:
References:

[1] L. James , Phishing Exposed, Syngress Publishing, 2005.
[2] Nuttapong Sanglerdsinlapachai and Arnon Rungsawang, “Using Domain Top-page Similarity Feature in Machine Learning-based Web,” in Third International Conference on Knowledge Discovery and Data Mining, 2010.
[3] Y. Pan and X. Ding, “Anomaly Based Web Phishing Page Detection,” in In ACSAC '06: Proceedings of the 22nd Annual Computer Security Applications Conference., Dec. 2006.
[4] R. B. Basnet, A. H. Sung and Q. Liu, “Rule-Based Phishing Attack Detection,” in Proceedings of the International Conference on Security and Management-SAM'11, Las Vegas, NV, USA, 2011.
[5] Neil Chou, Robert Ledesma, Yuka Teraguchi, Dan Boneh and John C. Mitchell, “Client–side defense against web–based identity theft,” in 11th Annual Network and Distributed System Security Symposium (NDSS '04), San Diego, February, 2004..
[6] “SpoofGuard,” [Online]. Available: http://crypto.stanford.edu/SpoofGuard/download.html. [Accessed 16 January 2012].
[7] “W3C,” [Online]. Available: http://www.w3.org/TR/DOM-Level-2-HTML/. [Accessed 17 February 2012].
[8] O. Salem, H. Alamgir and K. M, “Awareness Program and AI based Tool to Reduce Risk of Phishing Attacks,” in Computer and Information Technology (CIT),2010 IEEE 10th International Conference., June 29 2010-July 1 2010.
[9] S. E. Schechter, R. Dhamija, A. Ozment and I. Fischer, “The Emperor's New Security Indicators,” in Proceedings of the 2007 IEEE Symposium on Security and Privacy, Washington, DC, USA, 2007.
[10] “PhishTank,” October 2006. [Online]. Available: http://www.phishtank.com/. [Accessed 25 November 2011].
[11] “WhoIS,” [Online]. Available: http://who.is/. [Accessed 13 March 2012].
[12] “Alexa the Web Information Company,” [Online]. Available: http://www.alexa.com/. [Accessed 26 January 2012].
[13] “More than 450 Phishing Attacks Used SSL in 2005,” [Online]. Available: http://news.netcraft.com/archives/2005/12/28/more_than_450_phishing_attacks_used_ssl_in_2005.html. [Accessed 8 March 2012].
[14] “Best SSL Certificates,” [Online]. Available: http://www.bestsslcertificates.com/articles27.html. [Accessed 8 March 2012].

Depositing User: Rami Mohammad
Date Deposited: 14 Mar 2013 09:58
Last Modified: 03 Dec 2016 14:15
URI: http://eprints.hud.ac.uk/id/eprint/16229

Downloads

Downloads per month over past year

Repository Staff Only: item control page

View Item View Item

University of Huddersfield, Queensgate, Huddersfield, HD1 3DH Copyright and Disclaimer All rights reserved ©