Detecting Phishing Sites -- An Overview

Kalaharsha, P.; Mehtre, B. M.

doi:10.48550/arxiv.2103.12739

Cited by 5 publications

(5 citation statements)

References 38 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Smishing detection identifies malicious SMS messages by consulting blacklist/whitelist data [21] or by analyzing message content [3], [22], web page appearance [23], and downloaded Android application packages (APKs) [24]. The authors in [2] compared the performance of 18 existing detection algorithms using nine different datasets and demonstrated that most of the algorithms achieved accuracies of more than 95%. According to our data analysis, "message arrival times," which was neglected in previous studies, should be considered because bots sent smishing messages at the same time every day.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Smishing Strategy Dynamics and Evolving Botnet Activities in Japan

Saeki

Kitayama

Koga³

et al. 2022

IEEE Access

View full text Add to dashboard Cite

XLoader and FakeSpy, the two major smishing botnets targeting Japan, change their attack strategies over various timescales. Based on recent observations of the botnets and Twitter data, we present empirical facts about their strategies and activity patterns and applied some of these strategic and activity patterns to malware detection and malicious domain detection. All the proposed methods yielded small false positive and negative rates, and are expected to run on user devices owing to their small computational cost. Recent malware detection methods based on traffic analysis extract TCP/IP traffic features if the upper layers of TCP are encrypted. In this study, Frida's hooking capability was employed to decode the upper layers (WebSocket and JSON-RPC) to create a list of all commands flowing over the botnet channel. The command-level traffic analysis presents decisive attack features because commands are transmitted according to strategies developed by the attackers. The proposed malicious domain detection method, on the other hand, exploited the tendency of the attackers to create domains in batches. Previous researchers focused on how benign and malicious domains were registered and used on the name servers. The proposed method, on the other hand, focuses on the arrival rate of SMS messages with URL links. The error rates become significantly small when users do not receive such messages very often.

show abstract

Section: Related Workmentioning

confidence: 99%

“…There are several high-performance solutions for detecting malicious SMS messages [2], illegitimate uniform resource locators (URLs) [3], and mobile botnets [4], all of which achieve accuracies of more than 95%. However, smishing remains a problem in many countries [5]- [11].…”

Section: Introductionmentioning

confidence: 99%

Smishing Strategy Dynamics and Evolving Botnet Activities in Japan

Saeki

Kitayama

Koga³

et al. 2022

IEEE Access

View full text Add to dashboard Cite

show abstract

“…We will check the URL and settle on this website to monitor this. The selection of established phishing sites to find unknown phishing sites is one way to identify phishing [36][37][38]. The study of web functionality is another means of finding out the bogus websites.…”

Section: Introductionmentioning

confidence: 99%

Web Phishing Detection Using Web Crawling, Cloud Infrastructure and Deep Learning Framework

Abdulrahman¹,

Ahmed²,

Rashid³

et al. 2023

JASTT

View full text Add to dashboard Cite

The pandemic of COVID-19 obliges citizens to follow the “work from home “scheme. The Internet is also a powerful channel for social connections. The huge dependency of people on digital media opens doors to fraud. Phishing is a form of cybercrime that is used to rob users of passwords from online banking, e-commerce, online schools, digital markets, and others. Phishers create bogus websites like the original and deliver users spam mails. When an online user visits fake web pages via spam, phishers steal their credentials. As a result, it is important to identify these forms of fraudulent websites until they do any harm to victims. Inspired by the ever-changing existence of phishing websites. This paper reviews the work on Phishing attack detection and aims to examine techniques that mainly detect and help in preventing phishing attacks rather than mitigating them. Here we offered a general overview of the most effective phishing attack detection strategies focused on deep learning.

show abstract

“…In email phishing, the links are sent to the victim, and the phishing process initiates upon clicking the links. These phishing links can be spread using SMSs, also known as SMS phishing or smishing attacks [6]. The same process performed through telephone lines is known as vishing attacks [7].…”

Section: Introductionmentioning

confidence: 99%

A Hybrid Approach for Alluring Ads Phishing Attack Detection Using Machine Learning

Shaukat,

Amin,

Muslam

et al. 2023

Sensors

View full text Add to dashboard Cite

Phishing attacks are evolving with more sophisticated techniques, posing significant threats. Considering the potential of machine-learning-based approaches, our research presents a similar modern approach for web phishing detection by applying powerful machine learning algorithms. An efficient layered classification model is proposed to detect websites based on their URL structure, text, and image features. Previously, similar studies have used machine learning techniques for URL features with a limited dataset. In our research, we have used a large dataset of 20,000 website URLs, and 22 salient features from each URL are extracted to prepare a comprehensive dataset. Along with this, another dataset containing website text is also prepared for NLP-based text evaluation. It is seen that many phishing websites contain text as images, and to handle this, the text from images is extracted to classify it as spam or legitimate. The experimental evaluation demonstrated efficient and accurate phishing detection. Our layered classification model uses support vector machine (SVM), XGBoost, random forest, multilayer perceptron, linear regression, decision tree, naïve Bayes, and SVC algorithms. The performance evaluation revealed that the XGBoost algorithm outperformed other applied models with maximum accuracy and precision of 94% in the training phase and 91% in the testing phase. Multilayer perceptron also worked well with an accuracy of 91% in the testing phase. The accuracy results for random forest and decision tree were 91% and 90%, respectively. Logistic regression and SVM algorithms were used in the text-based classification, and the accuracy was found to be 87% and 88%, respectively. With these precision values, the models classified phishing and legitimate websites very well, based on URL, text, and image features. This research contributes to early detection of sophisticated phishing attacks, enhancing internet user security.

show abstract

Detecting Phishing Sites -- An Overview

Cited by 5 publications

References 38 publications

Smishing Strategy Dynamics and Evolving Botnet Activities in Japan

Smishing Strategy Dynamics and Evolving Botnet Activities in Japan

Web Phishing Detection Using Web Crawling, Cloud Infrastructure and Deep Learning Framework

A Hybrid Approach for Alluring Ads Phishing Attack Detection Using Machine Learning

Contact Info

Product

Resources

About