Anomaly Based Webphishing Page Detection

Author

Y. PAN
Xuhua DING, Singapore Management UniversityFollow

Publication Type

Conference Proceeding Article

Publication Date

2006

Abstract

Many anti-phishing schemes have recently been proposed in literature. Despite all those efforts, the threat of phishing attacks is not mitigated. One of the main reasons is that phishing attackers have the adaptability to change their tactics with little cost. In this paper, we propose a novel approach, which is independent of any specific phishing implementation. Our idea is to examine the anomalies in Web pages, in particular, the discrepancy between a Web site's identity and its structural features and HTTP transactions. It demands neither user expertise nor prior knowledge of the Web site. The evasion of our phishing detection entails high cost to the adversary. As shown by the experiments, our phishing detector functions with low miss rate and low false-positive rate

Discipline

Information Security

Research Areas

Information Security and Trust

Publication

ACSAC '06: 22nd Annual Computer Security Applications Conference, 11-15 December 2006, Miami Beach: Proceedings

First Page

381

Last Page

392

ISBN

9780769527161

Identifier

10.1109/ACSAC.2006.13

Publisher

IEEE

City or Country

Miami, FL

Citation

PAN, Y. and DING, Xuhua. Anomaly Based Webphishing Page Detection. (2006). ACSAC '06: 22nd Annual Computer Security Applications Conference, 11-15 December 2006, Miami Beach: Proceedings. 381-392.
Available at: https://ink.library.smu.edu.sg/sis_research/528

Additional URL

http://dx.doi.org/10.1109/ACSAC.2006.13