论文信息 - Automatic Detection of Phishing Target from Phishing Webpage

Automatic Detection of Phishing Target from Phishing Webpage

An approach to identification of the phishing target of a given (suspicious) webpage is proposed by clustering the webpage set consisting of its all associated webpages and the given webpage itself. We first find its associated webpages, and then explore their relationships to the given webpage as their features for clustering. Such relationships include link relationship, ranking relationship, text similarity, and webpage layout similarity relationship. A DBSCAN clustering method is employed to find if there is a cluster around the given webpage. If such cluster exists, we claim the given webpage is a phishing webpage and then find its phishing target (i.e., the legitimate webpage it is attacking) from this cluster. Otherwise, we identify it as a legitimate webpage. Our test dataset consists of 8745 phishing pages (targeting at 76 well-known websites) selected from Phish Tank and preliminary experiments show that the approach can successfully identify 91.44% of their phishing targets. Another dataset of 1000 legitimate webpages is collected to test our method’s false alarm rate, which is 3.40%.

[1] J. Doug Tygar,et al. The battle against phishing: Dynamic Security Skins , 2005, SOUPS '05.

[2] Xiaotie Deng,et al. Detecting Phishing Web Pages with Visual Similarity Assessment Based on Earth Mover's Distance (EMD) , 2006, IEEE Transactions on Dependable and Secure Computing.

[3] Hans-Peter Kriegel,et al. A Density-Based Algorithm for Discovering Clusters in Large Spatial Databases with Noise , 1996, KDD.

[4] Xuhua Ding,et al. Anomaly Based Web Phishing Page Detection , 2006, 2006 22nd Annual Computer Security Applications Conference (ACSAC'06).

[5] Gang Liu,et al. Discovering phishing target based on semantic link network , 2010 .

[6] Jason I. Hong,et al. A hybrid phish detection approach by identity discovery and keywords retrieval , 2009, WWW '09.

[7] Janice Y. Tsai,et al. Soups 2006 , 2006, IEEE Security & Privacy Magazine.

[8] Lorrie Faith Cranor,et al. Cantina: a content-based approach to detecting phishing web sites , 2007, WWW '07.

[9] Robert W. Reeder,et al. Soups 2005 , 2005, IEEE Secur. Priv..

[10] Min Wu,et al. Web wallet: preventing phishing attacks by revealing user intentions , 2006, SOUPS '06.

[11] Xiaotie Deng,et al. An antiphishing strategy based on visual similarity assessment , 2006, IEEE Internet Computing.