DOI: 10.1145/3055186.3055188
research-article

Detecting Phishing Websites using Automation of Human Behavior

Published: 02 April 2017

Abstract

In this paper, we propose a technique to detect phishing attacks based on the behavior of humans when exposed to a fake website. Some online users submit fake credentials to a login page before submitting their actual credentials, then observe the login status of the resulting page to check whether the website is fake or legitimate. We automate the same behavior with our application (FeedPhish), which feeds fake values into the login page. If the web page logs in successfully, it is classified as phishing; otherwise it undergoes further heuristic filtering. If the suspicious site passes through all heuristic filters, the website is classified as a legitimate site. In our experiments, the application achieved a true positive rate of 97.61%, a true negative rate of 94.37% and an overall accuracy of 96.38%. Our application requires neither third-party services nor prior knowledge such as web history or a whitelist or blacklist of URLs. It detects not only zero-day phishing attacks but also phishing sites hosted on compromised domains.

    Published In

    CPSS '17: Proceedings of the 3rd ACM Workshop on Cyber-Physical System Security
    April 2017
    120 pages
    ISBN:9781450349567
    DOI:10.1145/3055186

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Author Tags

    1. anti-phishing
    2. automation
    3. heuristics
    4. phishing
    5. selenium

    Conference

    ASIA CCS '17

    Acceptance Rates

    CPSS '17 Paper Acceptance Rate 10 of 35 submissions, 29%;
    Overall Acceptance Rate 43 of 135 submissions, 32%

    Article Metrics

    • Downloads (Last 12 months): 50
    • Downloads (Last 6 weeks): 2
    Reflects downloads up to 13 Jan 2025
