论文信息 - A Real-Life Study in Phishing Detection

A Real-Life Study in Phishing Detection

Phishing is a serious threat to global security and economy. Previously we have developed a phishing ltering system based on automatic classication. We perform statistical ltering of emails, where a classier is trained on characteristic features of existing emails and subsequently is able to identify new phishing emails with dierent contents. In this work we test our developed system in a real-life environment at a commercial ISP. The system is applied to an unskewed real-life stream consisting of thousands of emails every day. We use active learning to keep the system’s model up-todate. The experiments show that the system performs very well as a lter even in the presence of many spam emails. We furthermore demonstrate that active learning is indeed useful and leads to better results than using a xed model. Last, we integrate the output of another spam lter into the system and show that this combined lter leads to better results than either lter by itself.

Fraunhofer Iais | Domenico Dato | Luigi D'Addona | Tiscali Italia

[1] Gerhard Paass,et al. Improved Phishing Detection using Model-Based Features , 2008, CEAS.

[2] Ning Wu,et al. On Compression-Based Text Classification , 2005, ECIR.

[3] Lorrie Faith Cranor,et al. Cantina: a content-based approach to detecting phishing web sites , 2007, WWW '07.

[4] D. Sculley,et al. Online Active Learning Methods for Fast Label-Efficient Spam Filtering , 2007, CEAS.

[5] Michael I. Jordan,et al. Latent Dirichlet Allocation , 2001, J. Mach. Learn. Res..

[6] Ishwar K. Sethi,et al. Confidence-based active learning , 2006, IEEE Transactions on Pattern Analysis and Machine Intelligence.

[7] R. Nigel Horspool,et al. Data Compression Using Dynamic Markov Modelling , 1987, Comput. J..

[8] Marie-Francine Moens,et al. New filtering approaches for phishing email , 2010, J. Comput. Secur..

[9] Norman M. Sadeh,et al. Learning to detect phishing emails , 2007, WWW '07.

[10] Daphne Koller,et al. Support Vector Machine Active Learning with Applications to Text Classification , 2000, J. Mach. Learn. Res..

[11] Gordon V. Cormack,et al. Spam and the ongoing battle for the inbox , 2007, CACM.

[12] Rong Jin,et al. Large-scale text categorization by batch mode active learning , 2006, WWW '06.

[13] D. Sculley,et al. Relaxed online SVMs for spam filtering , 2007, SIGIR.