Proactive Phishing Sites Detection

Phishing is one of the social engineering techniques to steal users’ sensitive information by disguising a fake Web site as a trustworthy one. Previous research proposed phishing mitigation techniques, such as blacklist, heuristics, visual similarity, and machine learning. However, these kinds of methods have limitation on the detection of a zero-hour phishing site, a phishing site that no one has noticed yet. This paper presents a new approach to the detection of zero-hour phishing sites: proactive detection. If those malicious sites are detected as early as possible, shutdown by the specialized agencies and mitigation of user damages are expected. We also present a method and system of efficient phishing site detection based on the proactive approach. The method is composed of two major parts: suspicious domain names generation and judgment. The former predicts likely phishing Web sites from the given legitimate brand domain name. The latter scores and judges suspects by calculating various indexes. That is, zero-hour phishing sites can be detected by hypothesis and test cycles. As a result of the preliminary experiment, we detected several zero-hour phishing sites disguising as major brands, including eBay, Google, and Amazon. CCS CONCEPTS • Security and privacy $\rightarrow$ Phishing; Social network security and privacy.

[1]  Evgeniy Gabrilovich,et al.  The homograph attack , 2002, CACM.

[2]  Youssef Iraqi,et al.  Phishing Detection: A Literature Survey , 2013, IEEE Communications Surveys & Tutorials.

[3]  Martin J. Dürst,et al.  Internationalized Resource Identifiers (IRIs) , 2005, RFC.

[4]  Vijay K. Gurbani,et al.  Phishwish: A Stateless Phishing Filter Using Minimal Rules , 2008, Financial Cryptography.

[5]  Yu Zhou,et al.  Visual Similarity Based Anti-phishing with the Combination of Local and Global Features , 2014, 2014 IEEE 13th International Conference on Trust, Security and Privacy in Computing and Communications.

[6]  Lorrie Faith Cranor,et al.  Cantina: a content-based approach to detecting phishing web sites , 2007, WWW '07.

[7]  Tommy W. S. Chow,et al.  Textual and Visual Content-Based Anti-Phishing: A Bayesian Approach , 2011, IEEE Transactions on Neural Networks.

[8]  A. Sardana,et al.  A PageRank based detection technique for phishing web sites , 2012, 2012 IEEE Symposium on Computers & Informatics (ISCI).

[9]  Akira Yamada,et al.  Visual similarity-based phishing detection without victim site information , 2009, 2009 IEEE Symposium on Computational Intelligence in Cyber Security.

[10]  Ponnurangam Kumaraguru,et al.  Who falls for phish?: a demographic analysis of phishing susceptibility and effectiveness of interventions , 2010, CHI.

[11]  Lorrie Faith Cranor,et al.  An Empirical Analysis of Phishing Blacklists , 2009, CEAS 2009.

[12]  Gang Liu,et al.  Automatic Detection of Phishing Target from Phishing Webpage , 2010, 2010 20th International Conference on Pattern Recognition.