Phishing is an online fraud through which phisher gains unauthorized access to the user system to lure the personal credentials (such as username, password, credit/debit card number, validity, CVV number, and pin) for financial gain. Phishing can be carried out in many ways: through emails, phone calls, instant messages, advertisements, and popups on the website and poisoning the DNS. To protect the users from phishing, many anti-phishing toolbars/extensions had been developed. These anti-phishing tools prevent the Internet users not to fall a victim of phishing scams. No anti-phishing approach can give 100 % security. In this paper, we present a complete classification of an anti-phishing solution in algorithmic perspective. The taxonomy helps in understanding various anti-phishing approaches and algorithms developed for phishing detection. Popular anti-phishing toolbars are taken to show the media they address, mode of operation, and their pros and cons. It also provides further research gap that has to be addressed.
Phishing scams are increasing drastically, which affects Internet users in compromising personal credentials. This paper proposes a novel feature utilization method for phishing URL detection called the Polymorphic property of features. In the initial stage, the URL-related features (46 features) were extracted. Later, a subset of features (19 out of 46) with the polymorphic property of features was identified, and they were extracted from different parts of the URL (the domain and path). After extracting the features, various machine learning classification algorithms were applied to build the machine learning model using monomorphic treatment of features, polymorphic treatment of features, and both monomorphic and polymorphic treatment of features. By the polymorphic property of features, we mean that the same feature provides different interpretations when considered in different parts of the URL. The machine learning models were built on two different datasets. A comparison of the machine learning models derived from the two datasets reveals the fact that the model built with both monomorphic and polymorphic treatment of features yielded higher accuracy in Phishing URL detection than the existing works. While testing the model on phishing URL datasets, the most challenging thing we noticed was detecting the phishing URLs with a valid SSL certificate. The existing works on detecting phishing URLs, using only digital certificate-related features, are not up to the mark. We combined certificate-related and URL-related features to improve the performance to address the problem.
The global naming systems are used to resolve the DNS (domain name system) queries by providing the IP address of a particular domain. Humans are familiar in remembering the text rather than numbers. So the DNS servers help in resolving the human-readable domain names into system understandable IP address. In the current DNS architecture, there are several threats that cost a lot of damage to the organizations. At the earlier stage, DNS protocol lacks security assurance in place. To solve this issue, they introduced DNSSEC (subsequent DNS) as an additional layer of trust on top of DNS by providing authentication. Still, the current DNS servers couldn't address issues such as DoS/DDoS attacks. To address all these issues, blockchain technology offers an innovative method to handle those challenges. The existing naming systems are centralized, which is a major problem in achieving security.. The main aim of this chapter is to provide an overview of blockchain technology and a brief introduction to blockchain-based naming and storage systems.
The global naming systems are used to resolve the DNS (domain name system) queries by providing the IP address of a particular domain. Humans are familiar in remembering the text rather than numbers. So the DNS servers help in resolving the human-readable domain names into system understandable IP address. In the current DNS architecture, there are several threats that cost a lot of damage to the organizations. At the earlier stage, DNS protocol lacks security assurance in place. To solve this issue, they introduced DNSSEC (subsequent DNS) as an additional layer of trust on top of DNS by providing authentication. Still, the current DNS servers couldn't address issues such as DoS/DDoS attacks. To address all these issues, blockchain technology offers an innovative method to handle those challenges. The existing naming systems are centralized, which is a major problem in achieving security.. The main aim of this chapter is to provide an overview of blockchain technology and a brief introduction to blockchain-based naming and storage systems.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.