Phishing page detection via learning classifiers from page layout feature

Phishing page detection via learning classifiers from page layout feature

The web technology has become the cornerstone of a wide range of platforms, such as mobile services and smart Internet-of-things (IoT) systems. In such platforms, users’ data are aggregated to a cloud-based platform, where web applications are used as a key interface to access and configure user dat...

Full description

Saved in:
Bibliographic Details
Published in:EURASIP journal on wireless communications and networking Vol. 2019; no. 1; pp. 1 - 14
Main Authors: Mao, Jian, Bian, Jingdong, Tian, Wenqian, Zhu, Shishi, Wei, Tao, Li, Aili, Liang, Zhenkai
Format: Journal Article
Language:English
Published: Cham Springer International Publishing 20-02-2019
Springer Nature B.V
SpringerOpen
Subjects:
Aggregation analysis
Anti-phishing
Applications programs
Artificial intelligence
Classifiers
Cloud computing
Communications Engineering
Cybersecurity
Engineering
Feature extraction
Government services
Information Systems Applications (incl.Internet)
Internet of Things
Machine learning
Networks
Page layout
Phishing
Platforms
Signal,Image and Speech Processing
Similarity
Social factors
User interfaces
Vulnerability
Websites
Anti-phishing
Aggregation analysis
Machine learning
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The web technology has become the cornerstone of a wide range of platforms, such as mobile services and smart Internet-of-things (IoT) systems. In such platforms, users’ data are aggregated to a cloud-based platform, where web applications are used as a key interface to access and configure user data. Securing the web interface requires solutions to deal with threats from both technical vulnerabilities and social factors. Phishing attacks are one of the most commonly exploited vectors in social engineering attacks. The attackers use web pages visually mimicking legitimate web sites, such as banking and government services, to collect users’ sensitive information. Existing phishing defense mechanisms based on URLs or page contents are often evaded by attackers. Recent research has demonstrated that visual layout similarity can be used as a robust basis to detect phishing attacks. In particular, features extracted from CSS layout files can be used to measure page similarity. However, it needs human expertise in specifying how to measure page similarity based on such features. In this paper, we aim to enable automated page-layout-based phishing detection techniques using machine learning techniques. We propose a learning-based aggregation analysis mechanism to decide page layout similarity, which is used to detect phishing pages. We prototype our solution and evaluate four popular machine learning classifiers on their accuracy and the factors affecting their results.
ISSN:1687-1499
1687-1472
1687-1499
DOI:10.1186/s13638-019-1361-0