An introduction to support Vector Machines: and other kernel-based learning methods
An introduction to support Vector Machines: and other kernel-based learning methods
Machine Learning
Machine Learning
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Cantina: a content-based approach to detecting phishing web sites
Proceedings of the 16th international conference on World Wide Web
Installing fake root keys in a PC
EuroPKI'05 Proceedings of the Second European conference on Public Key Infrastructure
A comparison of machine learning techniques for phishing detection
Proceedings of the anti-phishing working groups 2nd annual eCrime researchers summit
Learn to Detect Phishing Scams Using Learning and Ensemble ?Methods
WI-IATW '07 Proceedings of the 2007 IEEE/WIC/ACM International Conferences on Web Intelligence and Intelligent Agent Technology - Workshops
WSDM '08 Proceedings of the 2008 International Conference on Web Search and Data Mining
Itrustpage: a user-assisted anti-phishing tool
Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems 2008
Behind phishing: an examination of phisher modi operandi
LEET'08 Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats
Anticipating Hidden Text Salting in Emails
RAID '08 Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection
Anti-phishing based on automated individual white-list
Proceedings of the 4th ACM workshop on Digital identity management
Exploitable redirects on the web: identification, prevalence, and defense
WOOT'08 Proceedings of the 2nd conference on USENIX Workshop on offensive technologies
Itinerary Planner: A Mashup Case Study
Service-Oriented Computing - ICSOC 2007 Workshops
E-Mail Classification for Phishing Defense
ECIR '09 Proceedings of the 31th European Conference on IR Research on Advances in Information Retrieval
Identifying suspicious URLs: an application of large-scale online learning
ICML '09 Proceedings of the 26th Annual International Conference on Machine Learning
Beyond blacklists: learning to detect malicious web sites from suspicious URLs
Proceedings of the 15th ACM SIGKDD international conference on Knowledge discovery and data mining
Scalable Detection and Isolation of Phishing
AIMS '09 Proceedings of the 3rd International Conference on Autonomous Infrastructure, Management and Security: Scalability of Networks and Services
Online phishing classification using adversarial data mining and signaling games
Proceedings of the ACM SIGKDD Workshop on CyberSecurity and Intelligence Informatics
HumanBoost: Utilization of Users' Past Trust Decision for Identifying Fraudulent Websites
ICONIP '09 Proceedings of the 16th International Conference on Neural Information Processing: Part II
New filtering approaches for phishing email
Journal of Computer Security - EU-Funded ICT Research on Trust and Security
Detecting visually similar Web pages: Application to phishing detection
ACM Transactions on Internet Technology (TOIT)
BogusBiter: A transparent protection against phishing attacks
ACM Transactions on Internet Technology (TOIT)
Teaching Johnny not to fall for phish
ACM Transactions on Internet Technology (TOIT)
Detecting phishing e-mails by heterogeneous classification
IDEAL'07 Proceedings of the 8th international conference on Intelligent data engineering and automated learning
An intrusion detection system for detecting phishing attacks
SDM'07 Proceedings of the 4th VLDB conference on Secure data management
Online phishing classification using adversarial data mining and signaling games
ACM SIGKDD Explorations Newsletter
An evaluation of machine learning-based methods for detection of phishing sites
ICONIP'08 Proceedings of the 15th international conference on Advances in neuro-information processing - Volume Part I
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
Secure online banking on untrusted computers
Proceedings of the 17th ACM conference on Computer and communications security
Lexical feature based phishing URL detection using online learning
Proceedings of the 3rd ACM workshop on Artificial intelligence and security
PKAW'10 Proceedings of the 11th international conference on Knowledge management and acquisition for smart systems and services
Using biased discriminant analysis for email filtering
KES'10 Proceedings of the 14th international conference on Knowledge-based and intelligent information and engineering systems: Part I
Identifying and resolving hidden text salting
IEEE Transactions on Information Forensics and Security
Assessing the severity of phishing attacks: A hybrid data mining approach
Decision Support Systems
Learning to detect malicious URLs
ACM Transactions on Intelligent Systems and Technology (TIST)
Using one-time passwords to prevent password phishing attacks
Journal of Network and Computer Applications
Detecting malicious web links and identifying their attack types
WebApps'11 Proceedings of the 2nd USENIX conference on Web application development
CANTINA+: A Feature-Rich Machine Learning Framework for Detecting Phishing Web Sites
ACM Transactions on Information and System Security (TISSEC)
Spam detection using web page content: a new battleground
Proceedings of the 8th Annual Collaboration, Electronic messaging, Anti-Abuse and Spam Conference
Phi.sh/$oCiaL: the phishing landscape through short URLs
Proceedings of the 8th Annual Collaboration, Electronic messaging, Anti-Abuse and Spam Conference
Blocking spam by separating end-user machines from legitimate mail server machines
Proceedings of the 8th Annual Collaboration, Electronic messaging, Anti-Abuse and Spam Conference
Proceedings of the 8th Annual Collaboration, Electronic messaging, Anti-Abuse and Spam Conference
Adaptive context modeling for deception detection in emails
MLDM'11 Proceedings of the 7th international conference on Machine learning and data mining in pattern recognition
Proceedings of the 4th ACM workshop on Security and artificial intelligence
Communications of the ACM
PCA document reconstruction for email classification
Computational Statistics & Data Analysis
Exploiting parse structures for native language identification
EMNLP '11 Proceedings of the Conference on Empirical Methods in Natural Language Processing
Clustering potential phishing websites using DeepMD5
LEET'12 Proceedings of the 5th USENIX conference on Large-Scale Exploits and Emergent Threats
Trustworthiness testing of phishing websites: A behavior model-based approach
Future Generation Computer Systems
Using automated individual white-list to protect web digital identities
Expert Systems with Applications: An International Journal
Secret information display based authentication technique towards preventing phishing attacks
Proceedings of the International Conference on Advances in Computing, Communications and Informatics
Feature selection for improved phishing detection
IEA/AIE'12 Proceedings of the 25th international conference on Industrial Engineering and Other Applications of Applied Intelligent Systems: advanced research in applied artificial intelligence
A multi-tier phishing detection and filtering approach
Journal of Network and Computer Applications
Applying clustering and ensemble clustering approaches to phishing profiling
AusDM '09 Proceedings of the Eighth Australasian Data Mining Conference - Volume 101
Obtaining the threat model for e-mail phishing
Applied Soft Computing
PhishSafe: leveraging modern JavaScript API's for transparent and robust protection
Proceedings of the 4th ACM conference on Data and application security and privacy
Hi-index | 0.02 |
Each month, more attacks are launched with the aim of making web users believe that they are communicating with a trusted entity for the purpose of stealing account information, logon credentials, and identity information in general. This attack method, commonly known as "phishing," is most commonly initiated by sending out emails with links to spoofed websites that harvest information. We present a method for detecting these attacks, which in its most general form is an application of machine learning on a feature set designed to highlight user-targeted deception in electronic communication. This method is applicable, with slight modification, to detection of phishing websites, or the emails used to direct victims to these sites. We evaluate this method on a set of approximately 860 such phishing emails, and 6950 non-phishing emails, and correctly identify over 96% of the phishing emails while only mis-classifying on the order of 0.1% of the legitimate emails. We conclude with thoughts on the future for such techniques to specifically identify deception, specifically with respect to the evolutionary nature of the attacks and information available.