GoldPhish: Using Images for Content-Based Phishing Analysis

Author

Dunlop, Matthew ; Groat, Stephen ; Shelly, David

Author_Institution

Virginia Polytech. Inst. & State Univ., Blacksburg, VA, USA

fYear

2010

fDate

9-15 May 2010

Firstpage

123

Lastpage

128

Abstract

Phishing attacks continue to plague users as attackers develop new ways to fool users into submitting personal information to fraudulent sites. Many schemes claim to protect against phishing sites. Unfortunately, most do not protect against zero-day phishing sites. Those schemes that do allege to provide zero-day protection, often incorrectly label both phishing and legitimate sites. We propose a scheme that protects against zero-day phishing attacks with high accuracy. Our approach captures an image of a page, uses optical character recognition to convert the image to text, then leverages the Google PageRank algorithm to help render a decision on the validity of the site. After testing our tool on 100 legitimate sites and 100 phishing sites, we accurately reported 100% of legitimate sites and 98% of phishing sites.

Keywords

computer crime; content-based retrieval; optical character recognition; unsolicited e-mail; GoldPhish; Google PageRank algorithm; content-based phishing analysis; legitimate sites; optical character recognition; zero-day phishing sites; Alzheimer´s disease; Cardiology; Chemical technology; Clinical diagnosis; Control engineering; Control engineering computing; Dementia; Hospitals; Image analysis; System testing; Anti-phishing; OCR; Toolbar; Zero-day;

fLanguage

English

Publisher

ieee

Conference_Titel

Internet Monitoring and Protection (ICIMP), 2010 Fifth International Conference on

Conference_Location

Barcelona

Print_ISBN

978-1-4244-6726-6

Type

conf

DOI

10.1109/ICIMP.2010.24

Filename

5476864