Know Your Phish: Novel Techniques for Detecting Phishing Sites and Their Targets

dc.contributorAalto-yliopistofi
dc.contributorAalto Universityen
dc.contributor.authorMarchal, Samuel
dc.contributor.authorSaari, Kalle
dc.contributor.authorSingh, Nidhi
dc.contributor.authorAsokan, N.
dc.contributor.departmentTietotekniikan laitosfi
dc.contributor.departmentDepartment of Computer Scienceen
dc.contributor.labSecure Systemsen
dc.contributor.schoolPerustieteiden korkeakoulufi
dc.contributor.schoolSchool of Scienceen
dc.date.accessioned2017-07-17T09:02:41Z
dc.date.available2017-07-17T09:02:41Z
dc.date.issued2016
dc.description.abstractPhishing is a major problem on the Web. Despite the significant attention it has received over the years, there has been no definitive solution. While the state-of-the-art solutions have reasonably good performance, they require a large amount of training data and are not adept at detecting phishing attacks against new targets. In this paper, we begin with two core observations: (a) although phishers try to make a phishing webpage look similar to its target, they do not have unlimited freedom in structuring the phishing webpage, and (b) a webpage can be characterized by a small set of key terms, how these key terms are used in different parts of a webpage is different in the case of legitimate and phishing webpages. Based on these observations, we develop a phishing detection system with several notable properties: it requires very little training data, scales well to much larger test data, is language-independent, fast, resilient to adaptive attacks and implemented entirely on client-side. In addition, we developed a target identification component that can identify the target website that a phishing webpage is attempting to mimic. The target detection component is faster than previously reported systems and can help minimize false positives in our phishing detection system.en
dc.description.versionPeer revieweden
dc.format.extent323-333
dc.format.mimetypeapplication/pdfen
dc.identifier.citationMarchal, Samuel & Saari, Kalle & Singh, Nidhi & Asokan, N.. 2016. Know Your Phish: Novel Techniques for Detecting Phishing Sites and Their Targets. 2016 IEEE 36th International Conference on Distributed Computing Systems (ICDCS), 27-30 June 2016, Nara, Japan. 323-333. 1063-6927 (electronic). 978-1-5090-1483-5 (electronic). DOI: 10.1109/icdcs.2016.10.en
dc.identifier.doi10.1109/icdcs.2016.10
dc.identifier.isbn978-1-5090-1483-5 (electronic)
dc.identifier.issn1063-6927 (electronic)
dc.identifier.urihttps://aaltodoc.aalto.fi/handle/123456789/27295
dc.identifier.urnURN:ISBN:978-1-5090-1483-5
dc.language.isoenen
dc.publisherIEEEen
dc.relation.ispartof2016 IEEE 36th International Conference on Distributed Computing Systems (ICDCS), 27-30 June 2016, Nara, Japanen
dc.rights© 2016 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other work.en
dc.rights.holderIEEE
dc.subject.keywordcomputer crimeen
dc.subject.keywordInterneten
dc.subject.keywordphishing detectionen
dc.subject.keywordtarget identificationen
dc.subject.otherComputer scienceen
dc.titleKnow Your Phish: Novel Techniques for Detecting Phishing Sites and Their Targetsen
dc.typeA4 Artikkeli konferenssijulkaisussafi
dc.type.dcmitypetexten
dc.type.versionPost printen

Files

Original bundle

Now showing 1 - 1 of 1
No Thumbnail Available
Name:
isbn9781509014835.pdf
Size:
388.26 KB
Format:
Adobe Portable Document Format