Conference Papers
Permanent URI for this collectionhttps://idr.nitk.ac.in/handle/123456789/28506
Browse
7 results
Search Results
Item An enhanced blacklist method to detect phishing websites(Springer Verlag service@springer.de, 2017) Rao, R.S.; Pais, A.R.Existing anti-phishing techniques like whitelist or blacklist detect the phishing sites based on the database of approved and unapproved URLs. Most of the current phishing attacks are actually replicas or variations of other attacks in the database. In this paper, we propose an enhanced blacklist method which uses key discriminate features extracted from the source code of the website for the detection of phishing websites. The main focus of our work is to detect the phishing sites which are replicas of existing websites with manipulated content. Each phishing website is identified with a unique fingerprint which is generated from the set of proposed features. We used Simhash algorithm to generate fingerprint for each website. The features used for calculating fingerprint are filenames of the request URLs (js, img, CSS, favicon), pathnames of request URLs (CSS, scripts, img, anchor links), and attribute values of tags (H1, H2, div, body, form). Our experimentation detected 84.36% of phishing sites as replicas of other phishing websites with manipulated content while maintaining zero false positive rate. The proposed method is similar to that of traditional blacklist with an advantage that it can detect replicated and manipulated phishing sites efficiently. © Springer International Publishing AG 2017.Item Detecting phishing websites using automation of human behavior(Association for Computing Machinery, Inc acmhelp@acm.org, 2017) Rao, R.S.; Pais, A.R.In this paper, we propose a technique to detect phishing attacks based on behavior of human when exposed to fake website. Some online users submit fake credentials to the login page before submitting their actual credentials. He/She observes the login status of the resulting page to check whether the website is fake or legitimate. We automate the same behavior with our application (FeedPhish) which feeds fake values into login page. If the web page logs in successfully, it is classified as phishing otherwise it undergoes further heuristic filtering. If the suspicious site passes through all heuristic filters then the website is classified as a legitimate site. As per the experimentation results, our application has achieved a true positive rate of 97.61%, true negative rate of 94.37% and overall accuracy of 96.38%. Our application neither demands third party services nor prior knowledge like web history, whitelist or blacklist of URLS. It is able to detect not only zero-day phishing attacks but also detects phishing sites which are hosted on compromised domains. © 2017 Copyright held by the owner/author(s).Item A novel bio-inspired hybrid metaheuristic for unsolicited bulk email detection(Springer Science and Business Media Deutschland GmbH, 2020) Gangavarapu, T.; Jaidhar, C.D.With the recent influx of technology, Unsolicited Bulk Emails (UBEs) have become a potential problem, leaving computer users and organizations at the risk of brand, data, and financial loss. In this paper, we present a novel bio-inspired hybrid parallel optimization algorithm (Cuckoo-Firefly-GR), which combines Genetic Replacement (GR) of low fitness individuals with a hybrid of Cuckoo Search (CS) and Firefly (FA) optimizations. Cuckoo-Firefly-GR not only employs the random walk in CS, but also uses mechanisms in FA to generate and select fitter individuals. The content- and behavior-based features of emails used in the existing works, along with Doc2Vec features of the email body are employed to extract the syntactic and semantic information in the emails. By establishing an optimal balance between intensification and diversification, and reaching global optimization using two metaheuristics, we argue that the proposed algorithm significantly improves the performance of UBE detection, by selecting the most discriminative feature subspace. This study presents significant observations from the extensive evaluations on UBE corpora of 3, 844 emails, that underline the efficiency and superiority of our proposed Cuckoo-Firefly-GR over the base optimizations (Cuckoo-GR and Firefly-GR), dense autoencoders, recurrent neural autoencoders, and several state-of-the-art methods. Furthermore, the instructive feature subset obtained using the proposed Cuckoo-Firefly-GR, when classified using a dense neural model, achieved an accuracy of $$99\%$$. © Springer Nature Switzerland AG 2020.Item Machine Learning Techniques for the Investigation of Phishing Websites(Springer Science and Business Media Deutschland GmbH info@springer-sbm.com, 2021) Ajaykumar, K.B.; Rudra, B.Phishing is ordinarily acquainted with increase a position in an organization or administrative systems as a zone of a greater assault, similar to an advanced tireless risk (APT) occasion. An association surrendering to such a partner degree assault generally continues serious money related misfortunes furthermore to declining piece of the pie, notoriety, and customer trust. Depending on scope, a phishing attempt may step up into a security episode from that a business can have an inconvenient time recuperating. So as to locate this kind of assault, we endeavored to make a machine learning model that advises the client that it is suspicious or genuine. Phishing sites contain various indications among their substance also, web program-based information. The motivation behind this investigation is to perform different AI-based order for 30 features incorporating Phishing Websites Data in the UC Irvine AI Repository database. For results appraisal, random forest (RF) was contrasted and elective machine learning ways like linear regression (LR), support vector machine (SVM), Naive Bayes (NB), gradient boosting classifier (GBM), artificial neural network (ANN) and recognized to have the most noteworthy exactness of 97.39. © 2021, The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.Item Bayesian optimization and gradient boosting to detect phishing websites(Institute of Electrical and Electronics Engineers Inc., 2021) Pavan, R.; Nara, M.; Gopinath, S.; Patil, N.We propose an Extreme Gradient Boosting framework for classification and regression problems emerging in machine learning for small-sized data sources sampled from a discrete distribution, i.e. data containing discrete or quantized attributes. The model parameters are iteratively refined from a prior belief for specific use cases using Bayesian optimization. We focus the application area of this framework on detecting fraudulent websites. With properly stated reasoning, we empirically test our methodology on a publicly available and bench-marked UCI Phishing dataset to demonstrate the superior performance of this approach as compared to existing methods in the literature. © 2021 IEEE.Item Machine Learning-Based Technique for Phishing URLs Detection from TLS 1.2 and TLS 1.3 Traffic Without Decryption(Springer Science and Business Media Deutschland GmbH, 2023) Kumar, M.; Pais, A.R.; Rao, R.S.Phishing is one of the major leading cyberattack leading to huge financial loss and sensitive information loss such as account information, card details, password, login credentials. Existing techniques for phishing URL detection are unable to efficiently classify them. The use of TLS 1.2 and TLS 1.3 for client/server applications to communicate over the Internet securely has also contributed to the increase in these attacks. TLS 1.2 and TLS 1.3 traffic is encrypted, so detecting phishing URLs from encrypted traffic without decryption is a challenging task. In this paper, a machine learning (ML)-based technique is proposed for the detection of phishing URLs from encrypted traffic. The features are extracted from TLS 1.2 and TLS 1.3 traffic and based on the extracted features URLs are classified using ML algorithms. The dataset has been prepared for legitimate and phishing sites based on the features extracted from TLS 1.2 and TLS 1.3 traffic. Based on the experimental results, it is observed that the proposed model achieved promising results in the detection of phishing URLs from the encrypted traffic with an accuracy of 89.6%. © 2023, The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.Item Phishing Detection Using 1D-CNN and FF-CNN Models Based on URL of the Website(Springer Science and Business Media Deutschland GmbH, 2024) Mete, C.K.; Jaidhar, C.D.Web browsing has become an integral part of our daily lives, with most modern computer devices supporting easy access to online services and information. However, this convenience comes with a significant risk to user security. Web users are exposed to various types of cyberattacks, such as Phishing, malware, profiling, etc. These hazards have the potential to compromise individuals or organizations and deny lists. The traditional Phishing defense is no longer effective in shielding users from the constantly evolving nature of Phishing Uniform Resource Locators (URLs). To address this issue, this work proposes a One-Dimensional Convolutional Neural Networks (1D-CNN) and Feed-Forward Convolutional Neural Network (FF-CNN)-based Phishing URL detection approach. The proposed approach is trained with three different datasets: a URL-based feature dataset, an embedded feature-based dataset, and a combination of both feature datasets. Experiments show that the proposed 1D-CNN-based approach achieved detection accuracy of 98.83%, 98.09%, and 98.91% on the URL-based features dataset, embedded features dataset, and combined features dataset, respectively. Furthermore, the proposed FF-CNN-based approach achieved an accuracy of 98.87%, 97.18%, and 98.78% on the same datasets. This research provides an effective approach to combating the growing threat of web-based attacks and safeguarding the security of web users. © The Author(s), under exclusive license to Springer Nature Switzerland AG 2024.