Please use this identifier to cite or link to this item:
Title: An enhanced blacklist method to detect phishing websites
Authors: Rao, R.S.
Pais, A.R.
Issue Date: 2017
Citation: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 2017, Vol.10717 LNCS, , pp.323-333
Abstract: Existing anti-phishing techniques like whitelist or blacklist detect the phishing sites based on the database of approved and unapproved URLs. Most of the current phishing attacks are actually replicas or variations of other attacks in the database. In this paper, we propose an enhanced blacklist method which uses key discriminate features extracted from the source code of the website for the detection of phishing websites. The main focus of our work is to detect the phishing sites which are replicas of existing websites with manipulated content. Each phishing website is identified with a unique fingerprint which is generated from the set of proposed features. We used Simhash algorithm to generate fingerprint for each website. The features used for calculating fingerprint are filenames of the request URLs (js, img, CSS, favicon), pathnames of request URLs (CSS, scripts, img, anchor links), and attribute values of tags (H1, H2, div, body, form). Our experimentation detected 84.36% of phishing sites as replicas of other phishing websites with manipulated content while maintaining zero false positive rate. The proposed method is similar to that of traditional blacklist with an advantage that it can detect replicated and manipulated phishing sites efficiently. � Springer International Publishing AG 2017.
Appears in Collections:2. Conference Papers

Files in This Item:
There are no files associated with this item.

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.