Detect phishing by checking content consistency

Author

Yi-Shin Chen ; Yi-Hsuan Yu ; Huei-Sin Liu ; Pang-Chieh Wang

Author_Institution

Inst. of Inf. Syst. & Applic., Nat. Tsing Hua Univ., Hsinchu, Taiwan

fYear

2014

Firstpage

109

Lastpage

119

Abstract

Phishing is a form of cybercrime used to lure a victim to reveal his/her sensitive personal information to fraudulent web pages. To protect users from phishing attacks, many anti-phishing techniques have been proposed to block suspicious web pages, which are identified against registered black-lists, or checked by search engines. However, such approaches usually have difficulty in keeping up with the rapidly emerging phishing web pages. To lessen this problem, this paper proposes a technique for identifying suspicious web pages, based on the literal and conceptual consistency between the URL and web contents. By using the search logs only as reference data, our approach can achieve 98% accuracy, showing that it is effective in detecting various forms of phishing attack.

Keywords

Internet; Web sites; computer crime; fraud; search engines; URL; Web content; anti-phishing technique; content consistency; cybercrime; fraudulent Web pages; personal information; phishing attack; phishing detection; reference data; registered black-list; search engine; search log; suspicious Web pages; Accuracy; Data mining; Educational institutions; Feature extraction; Search engines; Uniform resource locators; Web pages;

fLanguage

English

Publisher

ieee

Conference_Titel

Information Reuse and Integration (IRI), 2014 IEEE 15th International Conference on

Type

conf

DOI

10.1109/IRI.2014.7051880

Filename

7051880