A framework for phishing attack identification using rough set and formal concept analysis

Convergence of information and communication on technology changed the life of a common man over the last few years. At the same time it increases threats to a common man. In order to overcome these situations lots of research is carried out in the direction network and internet security. In addition identification of various attacks is of great challenge before taking any security measures. Identification of phishing attacks such as fake e-mails or websites is one such critical attack in internetworking. It is an illegal trick game that collects personal information from a legitimate user. The fake e-mails or website looking like a true one and even in the web pages where users are asked to send their personal information may look like a legitimate. Identification of such websites, e-mails is one of great challenge today. To this end, in this paper, we propose a model for identification of phishing attacks and chief attributes that make an object phishing object using rough set and formal concept analysis. The concept is explained with an illustration and followed by a case study. The results obtained show the viability of the proposed research.

[1]  Sugata Sanyal,et al.  A new protocol to counter online dictionary attacks , 2006, Comput. Secur..

[2]  Sudip Misra,et al.  Using honeynodes for defense against jamming attacks in wireless infrastructure-based networks , 2010, Comput. Electr. Eng..

[3]  Lawrence K. Saul,et al.  Beyond blacklists: learning to detect malicious web sites from suspicious URLs , 2009, KDD.

[4]  Yudong Zhang,et al.  Spam Detection via Feature Selection and Decision Tree , 2012 .

[5]  P. Venkata Krishna,et al.  An adaptive learning routing protocol for the prevention of distributed denial of service attacks in wireless mesh networks , 2010, Comput. Math. Appl..

[6]  M. Marchese,et al.  An ant colony optimization method for generalized TSP problem , 2008 .

[7]  Lotfi A. Zadeh,et al.  Fuzzy Sets , 1996, Inf. Control..

[8]  Claudio De Stefano,et al.  A GA-based feature selection approach with an application to handwritten character recognition , 2014, Pattern Recognit. Lett..

[9]  Lida Xu,et al.  A local-density based spatial clustering algorithm with noise , 2007, Inf. Syst..

[10]  Norman M. Sadeh,et al.  Learning to detect phishing emails , 2007, WWW '07.

[11]  D. Molodtsov Soft set theory—First results , 1999 .

[12]  Xi Chen,et al.  Assessing the severity of phishing attacks: A hybrid data mining approach , 2011, Decis. Support Syst..

[13]  Lorrie Faith Cranor,et al.  Cantina: a content-based approach to detecting phishing web sites , 2007, WWW '07.

[14]  Niels Provos,et al.  A framework for detection and measurement of phishing attacks , 2007, WORM '07.

[15]  Zdzislaw Pawlak,et al.  Rough sets and intelligent data analysis , 2002, Inf. Sci..

[16]  Andrew H. Sung,et al.  Mining Web to Detect Phishing URLs , 2012, 2012 11th International Conference on Machine Learning and Applications.

[17]  Andrew H. Sung,et al.  Classifying Phishing Emails Using Confidence-Weighted Linear Classifiers , 2010 .

[18]  B. K. Tripathy,et al.  A Framework for Intelligent Medical Diagnosis using Rough Set with Formal Concept Analysis , 2011, ArXiv.

[19]  Swapan Purkait Preventing Phishing Attacks with Virtual Browser Extension , 2014 .

[20]  Sugata Sanyal,et al.  RISM - Reputation Based Intrusion Detection System for Mobile Ad hoc Networks , 2013, ArXiv.

[21]  Andrzej Skowron,et al.  Rough set methods in feature selection and recognition , 2003, Pattern Recognit. Lett..

[22]  Shian-Shyong Tseng,et al.  Building a Self-Organizing Phishing Model Based upon Dynamic EMCUD , 2013, 2013 Ninth International Conference on Intelligent Information Hiding and Multimedia Signal Processing.

[23]  Bernhard Ganter,et al.  Formal Concept Analysis , 2013 .

[24]  Sugata Sanyal,et al.  Sleep Deprivation Attack Detection in Wireless Sensor Network , 2012 .

[25]  Sudip Misra,et al.  Using Honeynodes along with Channel Surfing for Defense against Jamming Attacks in Wireless Networks , 2008, 2008 Third International Conference on Systems and Networks Communications.

[26]  Mohammad S. Obaidat,et al.  Detection of Identity-Based Attacks in Wireless Sensor Networks Using Signalprints , 2010, 2010 IEEE/ACM Int'l Conference on Green Computing and Communications & Int'l Conference on Cyber, Physical and Social Computing.

[27]  Jerzy W. Grzymala-Busse,et al.  Rough Sets , 1995, Commun. ACM.

[28]  Andrew H. Sung,et al.  Detection of Phishing Attacks: A Machine Learning Approach , 2008, Soft Computing Applications in Industry.

[29]  Ranjit Singh,et al.  Information Warfare-Worthy Jamming Attack Detection Mechanism for Wireless Sensor Networks Using a Fuzzy Inference System , 2010, Sensors.

[30]  Christopher Krügel,et al.  A layout-similarity-based approach for detecting phishing pages , 2007, 2007 Third International Conference on Security and Privacy in Communications Networks and the Workshops - SecureComm 2007.

[31]  Brian Ryner,et al.  Large-Scale Automatic Classification of Phishing Pages , 2010, NDSS.

[32]  Radha Damodaram,et al.  Phishing website detection and optimization using Modified bat algorithm , 2012 .

[33]  Mohammad S. Obaidat,et al.  Attack Graph Generation with Infused Fuzzy Clustering , 2009, SECRYPT.