The battle against phishing: Dynamic Security Skins
SOUPS '05 Proceedings of the 2005 symposium on Usable privacy and security
Introduction to the CoNLL-2003 shared task: language-independent named entity recognition
CONLL '03 Proceedings of the seventh conference on Natural language learning at HLT-NAACL 2003 - Volume 4
Anomaly Based Web Phishing Page Detection
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
Cantina: a content-based approach to detecting phishing web sites
Proceedings of the 16th international conference on World Wide Web
A framework for detection and measurement of phishing attacks
Proceedings of the 2007 ACM workshop on Recurring malcode
Detecting visually similar Web pages: Application to phishing detection
ACM Transactions on Internet Technology (TOIT)
A hierarchical adaptive probabilistic approach for zero hour phish detection
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Web phishing detection using classifier ensemble
Proceedings of the 12th International Conference on Information Integration and Web-based Applications & Services
Detecting malicious web links and identifying their attack types
WebApps'11 Proceedings of the 2nd USENIX conference on Web application development
CANTINA+: A Feature-Rich Machine Learning Framework for Detecting Phishing Web Sites
ACM Transactions on Information and System Security (TISSEC)
Communications of the ACM
Proceedings of the Seventh Symposium on Usable Privacy and Security
Phishing detection with popular search engines: simple and effective
FPS'11 Proceedings of the 4th Canada-France MITACS conference on Foundations and Practice of Security
Clustering potential phishing websites using DeepMD5
LEET'12 Proceedings of the 5th USENIX conference on Large-Scale Exploits and Emergent Threats
A robust defense mechanism to prevent phishing attack using parse tree validation
ADCONS'11 Proceedings of the 2011 international conference on Advanced Computing, Networking and Security
Trustworthiness testing of phishing websites: A behavior model-based approach
Future Generation Computer Systems
Using automated individual white-list to protect web digital identities
Expert Systems with Applications: An International Journal
Proactive discovery of phishing related domain names
RAID'12 Proceedings of the 15th international conference on Research in Attacks, Intrusions, and Defenses
Intelligent phishing detection and protection scheme for online transactions
Expert Systems with Applications: An International Journal
Cost-sensitive online active learning with application to malicious URL detection
Proceedings of the 19th ACM SIGKDD international conference on Knowledge discovery and data mining
PhishCage: reproduction of fraudulent websites in the emulated internet
Proceedings of the 6th International ICST Conference on Simulation Tools and Techniques
Hi-index | 0.02 |
Phishing is a significant security threat to the Internet, which causes tremendous economic loss every year. In this paper, we proposed a novel hybrid phish detection method based on information extraction (IE) and information retrieval (IR) techniques. The identity-based component of our method detects phishing webpages by directly discovering the inconsistency between their identity and the identity they are imitating. The keywords-retrieval component utilizes IR algorithms exploiting the power of search engines to identify phish. Our method requires no training data, no prior knowledge of phishing signatures and specific implementations, and thus is able to adapt quickly to constantly appearing new phishing patterns. Comprehensive experiments over a diverse spectrum of data sources with 11449 pages show that both components have a low false positive rate and the stacked approach achieves a true positive rate of 90.06% with a false positive rate of 1.95%.