TY - GEN
T1 - Protect sensitive sites from phishing attacks using features extractable from inaccessible phishing URLs
AU - Chu, Weibo
AU - Zhu, Bin B.
AU - Xue, Feng
AU - Guan, Xiaohong
AU - Cai, Zhongmin
PY - 2013
Y1 - 2013
N2 - Phishing is the third cyber-security threat globally and the first cyber-security threat in China. There were 61.69 million phishing victims in China alone from June 2011 to June 2012, with the total annual monetary loss more than 4.64 billion US dollars. These phishing attacks were highly concentrated in targeting at a few major Websites. Many phishing Webpages had a very short life span. In this paper, we assume the Websites to protect against phishing attacks are known, and study the effectiveness of machine learning based phishing detection using only lexical and domain features, which are available even when the phishing Webpages are inaccessible. We propose several novel highly effective features, and use the real phishing attack data against Taobao and Tencent, two main phishing targets in China, in studying the effectiveness of each feature, and each group of features. We then select an optimal set of features in our phishing detector, which has achieved a detection rate better than 98%, with a false positive rate of 0.64% or less. The detector is still effective when the distribution of phishing URLs changes.
AB - Phishing is the third cyber-security threat globally and the first cyber-security threat in China. There were 61.69 million phishing victims in China alone from June 2011 to June 2012, with the total annual monetary loss more than 4.64 billion US dollars. These phishing attacks were highly concentrated in targeting at a few major Websites. Many phishing Webpages had a very short life span. In this paper, we assume the Websites to protect against phishing attacks are known, and study the effectiveness of machine learning based phishing detection using only lexical and domain features, which are available even when the phishing Webpages are inaccessible. We propose several novel highly effective features, and use the real phishing attack data against Taobao and Tencent, two main phishing targets in China, in studying the effectiveness of each feature, and each group of features. We then select an optimal set of features in our phishing detector, which has achieved a detection rate better than 98%, with a false positive rate of 0.64% or less. The detector is still effective when the distribution of phishing URLs changes.
UR - https://www.scopus.com/pages/publications/84891361073
U2 - 10.1109/ICC.2013.6654816
DO - 10.1109/ICC.2013.6654816
M3 - 会议稿件
AN - SCOPUS:84891361073
SN - 9781467331227
T3 - IEEE International Conference on Communications
SP - 1990
EP - 1994
BT - 2013 IEEE International Conference on Communications, ICC 2013
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2013 IEEE International Conference on Communications, ICC 2013
Y2 - 9 June 2013 through 13 June 2013
ER -