By Topic

You're Not Who You Claim to Be: Website Identity Check for Phishing Detection

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Insoon Jo ; Sch. of Comput. Sci. & Eng., Seoul Nat. Univ., Seoul, South Korea ; Eunjin Jung ; Heon Y. Yeom

Phishing websites impersonate legitimate counterparts to lure users into visiting their websites. Once users visit a phishing website then the phishing website may steal users' private information or cause drive-by downloads. To detect a phishing website, human experts compare the claimed identity of a website with features in the website. For example, human experts often compare the domain name in the URL against the claimed identity. Most legitimate websites have domain names that match their identities, while phishing websites usually have less relevance between their domain names and their claimed (fake) identities. In addition to blacklists, whitelists, heuristics, and classifications used in the state-of-the-art systems, we propose to consider websites' identity claims. Our phishing detection system mimics this human expert behavior. Given a website, our system learns the identity that this website claims, and computes the textual relevance between this claimed identity and other features in the website. Our phishing detection system then uses this textual relevance as one of the features for classification, and our classifiers achieve more than 98% of true positive rate and very low false positive rate between 0.5% and 1%.

Published in:

Computer Communications and Networks (ICCCN), 2010 Proceedings of 19th International Conference on

Date of Conference:

2-5 Aug. 2010