Title :
PhishZoo: Detecting Phishing Websites by Looking at Them
Author :
Afroz, Sadia ; Greenstadt, Rachel
Author_Institution :
Dept. of Comput. Sci., Drexel Univ., Philadelphia, PA, USA
Abstract :
Phishing is a security attack that involves obtaining sensitive or otherwise private data by presenting oneself as a trustworthy entity. Phishers often exploit users´ trust on the appearance of a site by using web pages that are visually similar to an authentic site. This paper proposes a phishing detection approach - PhishZoo - that uses profiles of trusted websites´ appearances to detect phishing. Our approach provides similar accuracy to blacklisting approaches (96%), with the advantage that it can classify zero-day phishing attacks and targeted attacks against smaller sites (such as corporate intranets). A key contribution of this paper is that it includes a performance analysis and a framework for making use of computer vision techniques in a practical way.
Keywords :
Web sites; computer crime; computer vision; PhishZoo; blacklisting approaches; computer vision techniques; phishing Websites; security attack; trustworthy entity; zero-day phishing attacks; Accuracy; Browsers; Electronic mail; Feature extraction; HTML; Image matching; Visualization; Phishing; Security; Social engineering attacks; Website matching;
Conference_Titel :
Semantic Computing (ICSC), 2011 Fifth IEEE International Conference on
Conference_Location :
Palo Alto, CA
Print_ISBN :
978-1-4577-1648-5
Electronic_ISBN :
978-0-7695-4492-2
DOI :
10.1109/ICSC.2011.52
