A Novel Visual Similarity-based Phishing Detection Scheme using Hue Information with Auto Updating Database

In this paper, we propose a novel visual similarity-based phishing detection scheme using hue information with auto updating database. Since a PWS (Phishing Website) is created based on targeted legitimate website or other subspecies whose hue information is similar each other, many PWSs can be exhaustively detected by tracing similar colored subspecies. Based on this notion, the proposed scheme detects a new PWS which has similar hue information to already detected PWSs. By repeating this procedure, the detection scope can be effectively expanded. In order to avoid the misdetection of legitimate websites which have similar hue information to database's ones, the proposed scheme utilizes the fact that the combination of used colors is hard to be similar among legitimate websites and PWSs. By the computer simulation with real dataset, we demonstrate that the proposed scheme improves the detection performance as the number of detected PWSs increases.

[1]  Ketan Kotecha,et al.  Expert Systems With Applications , 2022 .

[2]  Michalis Faloutsos,et al.  PhishDef: URL names say it all , 2010, 2011 Proceedings IEEE INFOCOM.

[3]  C. Tappert,et al.  A Survey of Binary Similarity and Distance Measures , 2010 .

[4]  Xiaotie Deng,et al.  Detecting Phishing Web Pages with Visual Similarity Assessment Based on Earth Mover's Distance (EMD) , 2006, IEEE Transactions on Dependable and Secure Computing.

[5]  F. L. Hitchcock The Distribution of a Product from Several Sources to Numerous Localities , 1941 .

[6]  Yu Zhou,et al.  Visual Similarity Based Anti-phishing with the Combination of Local and Global Features , 2014, 2014 IEEE 13th International Conference on Trust, Security and Privacy in Computing and Communications.

[7]  Syed Taqi Ali,et al.  A Computer Vision Technique to Detect Phishing Attacks , 2015, 2015 Fifth International Conference on Communication Systems and Network Technologies.

[8]  Zhenkai Liang,et al.  Phishing-Alarm: Robust and Efficient Phishing Detection via Page Component Similarity , 2017, IEEE Access.

[9]  Lorrie Faith Cranor,et al.  Cantina: a content-based approach to detecting phishing web sites , 2007, WWW '07.

[10]  F.C. Dalgic,et al.  Phish-IRIS: A New Approach for Vision Based Brand Prediction of Phishing Web Pages via Compact Visual Descriptors , 2018, 2018 2nd International Symposium on Multidisciplinary Studies and Innovative Technologies (ISMSIT).

[11]  Ebru Akcapinar Sezer,et al.  Use of HOG descriptors in phishing detection , 2016, 2016 4th International Symposium on Digital Forensic and Security (ISDFS).

[12]  Matt Dixon,et al.  Engaging Users with Educational Games: The Case of Phishing , 2019, CHI Extended Abstracts.

[13]  Carolyn Penstein Rosé,et al.  CANTINA+: A Feature-Rich Machine Learning Framework for Detecting Phishing Web Sites , 2011, TSEC.

[14]  Kuan-Ta Chen,et al.  Fighting Phishing with Discriminative Keypoint Features , 2009, IEEE Internet Computing.

[15]  Ilango Krishnamurthi,et al.  An efficacious method for detecting phishing webpages through target domain identification , 2014, Decis. Support Syst..

[16]  Lorrie Faith Cranor,et al.  Teaching Johnny not to fall for phish , 2010, TOIT.

[17]  Steven C. H. Hoi,et al.  URLNet: Learning a URL Representation with Deep Learning for Malicious URL Detection , 2018, ArXiv.