An efficient phishing webpage detector

Authors:
Mingxing He;Shi-Jinn Horng;Pingzhi Fan;Muhammad Khurram Khan;Ray-Shine Run;Jui-Lin Lai;Rong-Jian Chen;Adi Sutanto
Affiliations:
School of Mathematics and Computer Engineering, Xihua University, Chengdu 610039, PR China;School of Mathematics and Computer Engineering, Xihua University, Chengdu 610039, PR China and Department of Computer Science and Information Engineering, National Taiwan University of Science and ...;Institute of Mobile Communications, Southwest Jiaotong University, Chengdu, Sichuan 610031, PR China;Center of Excellence in Information Assurance, King Saud University, Saudi Arabia;Department of Electronic Engineering, National United University, Miaoli, Taiwan;Department of Electronic Engineering, National United University, Miaoli, Taiwan;Department of Electronic Engineering, National United University, Miaoli, Taiwan;Department of Computer Science and Information Engineering, National Taiwan University of Science and Technology, Taipei 106, Taiwan
Venue:
Expert Systems with Applications: An International Journal
Year:
2011

Citing 4
Cited 0

Do security toolbars actually prevent phishing attacks?

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Decision strategies and susceptibility to phishing

SOUPS '06 Proceedings of the second symposium on Usable privacy and security
Cantina: a content-based approach to detecting phishing web sites

Proceedings of the 16th international conference on World Wide Web
Itrustpage: a user-assisted anti-phishing tool

Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems 2008

Quantified Score

Hi-index	12.05

Visualization

Abstract

Phishing attack is growing significantly each year and is considered as one of the most dangerous threats in the Internet which may cause people to lose confidence in e-commerce. In this paper, we present a heuristic method to determine whether a webpage is a legitimate or a phishing page. This scheme could detect new phishing pages which black list based anti-phishing tools could not. We first convert a web page into 12 features which are well selected based on the existing normal and fishing pages. A training set of web pages including normal and fishing pages are then input for a support vector machine to do training. A testing set is finally fed into the trained model to do the testing. Compared to the existing methods, the experimental results show that the proposed phishing detector can achieve the high accuracy rate with relatively low false positive and low false negative rates.