Identifying Phishing Through Web Content and Addressed Bar-Based Features

Phishing which can also be called spoofing is mainly used to explain an approach being used by Internet scammers or cybercriminals to lure a genuine Internet user into revealing vital, confidential and classified information with the intention of using information gathered against them. Through this form of vulnerability, cybercriminals use the information obtained to gain access into personal information to rob individual of valuables ranging. Since Internet users have increased gloabally, the number of people accessing email, social media and only transaction has increased accordingly. The upsurge in the number of Internet user has therefore enhanced the nefarious activities of the cybercriminals. Verification and checking of address bar features and content of web were adopted in handling phishing detection in this work. Efforts were made to properly study various features of websites considered as phishing as well as those that match the research work. To verify the efficiency of the system, a dataset comprising of phishing websites was downloaded from the popular phishing sites. To start with, a total number of 110 Universal Resource Locators (URLs) considered to be phishing were verified where the system was able to detect 88 websites considered to be phishing while only twenty two (22) URLs were detected as non-phishing websites. With this result, the efficiency and accuracy level of the system is put at 80%.

[1]  Christopher Krügel,et al.  Protecting users against phishing attacks with AntiPhish , 2005, 29th Annual International Computer Software and Applications Conference (COMPSAC'05).

[2]  Min-Yen Kan,et al.  Fast webpage classification using URL features , 2005, CIKM '05.

[3]  Lawrence K. Saul,et al.  Beyond blacklists: learning to detect malicious web sites from suspicious URLs , 2009, KDD.

[4]  Harry Zhang,et al.  The Optimality of Naive Bayes , 2004, FLAIRS.

[5]  Mojtaba Vahidi-Asl,et al.  Learn to Detect Phishing Scams Using Learning and Ensemble ?Methods , 2007, 2007 IEEE/WIC/ACM International Conferences on Web Intelligence and Intelligent Agent Technology - Workshops.

[6]  Yi-Shin Chen,et al.  Detect phishing by checking content consistency , 2014, Proceedings of the 2014 IEEE 15th International Conference on Information Reuse and Integration (IEEE IRI 2014).

[7]  Isabella M. Venter,et al.  Evaluation of a flexible column-based access control security model for medical-based information , 2015 .

[8]  Isabella M. Venter,et al.  Towards ensuring scalability, interoperability and efficient access control in a multi-domain grid-based environment , 2013 .

[9]  V. Suganya,et al.  A Review on Phishing Attacks and Various Anti Phishing Techniques , 2016 .

[10]  Adel Nadjaran Toosi,et al.  A new approach to intrusion detection based on an evolutionary soft computing model using neuro-fuzzy classifiers , 2007, Comput. Commun..

[11]  Azeez Nureni Ayo,et al.  A Framework for Computer Aided Investigation of ATM Fraud in Nigeria , 2010 .

[12]  N. A. Azeez,et al.  AANtID: an alternative approach to network intrusion detection , 2016 .

[13]  Xuhua Ding,et al.  Anomaly Based Web Phishing Page Detection , 2006, 2006 22nd Annual Computer Security Applications Conference (ACSAC'06).

[14]  Dorothy E. Denning,et al.  An Intrusion-Detection Model , 1987, IEEE Transactions on Software Engineering.

[15]  Justin Tung Ma,et al.  Learning to detect malicious URLs , 2011, TIST.

[16]  Mohd Mahmood Ali,et al.  APD: ARM Deceptive Phishing Detector System Phishing Detection in Instant Messengers Using Data Mining Approach , 2011 .

[17]  S. E. Smaha Haystack: an intrusion detection system , 1988, [Proceedings 1988] Fourth Aerospace Computer Security Applications.

[18]  Shambhu J. Upadhyaya,et al.  PHONEY: mimicking user response to detect phishing attacks , 2006, 2006 International Symposium on a World of Wireless, Mobile and Multimedia Networks(WoWMoM'06).

[19]  Nureni Ayofe Azeez,et al.  CyberProtector: Identifying Compromised URLs in Electronic Mails with Bayesian Classification , 2016, 2016 International Conference on Computational Science and Computational Intelligence (CSCI).

[20]  L. Rajamani,et al.  Deceptive phishing detection system: From audio and text messages in Instant Messengers using Data Mining approach , 2012, International Conference on Pattern Recognition, Informatics and Medical Engineering (PRIME-2012).

[21]  R. K. Challa,et al.  Novel intrusion detection system integrating layered framework with neural network , 2013, 2013 3rd IEEE International Advance Computing Conference (IACC).

[22]  Barry Irwin,et al.  CYBER SECURITY: CHALLENGES AND THE WAY FORWARD , 2010 .

[23]  K. Raghuveer,et al.  Intrusion detection technique by using k-means, fuzzy neural network and SVM classifiers , 2013, 2013 International Conference on Computer Communication and Informatics.