Phish-Sight: a new approach for phishing detection using dominant colors on web pages and machine learning

Pandey, Pankaj; Mishra, Nishchol

doi:10.1007/s10207-023-00672-4

Cited by 10 publications

(1 citation statement)

References 52 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…HTMLPhish [33] is a language-independent and client-side strategy for webpage phishing detection that utilizes deep-learning-based approaches, specifically CNNs, to learn semantic dependencies in the textual content of HTML webpages and achieved an accuracy and true-positive rate of over 93% on a dataset of more than 50,000 HTML documents. Phish-Sight [34] is a machine-learning-based framework that uses dominant color features and popular brand names embedded in URLs' webpages to detect phishing websites through a visual inspection strategy.…”

Section: Methods Leveraging Multi-view Informationmentioning

confidence: 99%

A Lightweight Multi-View Learning Approach for Phishing Attack Detection Using Transformer with Mixture of Experts

Wang

et al. 2023

Applied Sciences

View full text Add to dashboard Cite

Phishing poses a significant threat to the financial and privacy security of internet users and often serves as the starting point for cyberattacks. Many machine-learning-based methods for detecting phishing websites rely on URL analysis, offering simplicity and efficiency. However, these approaches are not always effective due to the following reasons: (1) highly concealed phishing websites may employ tactics such as masquerading URL addresses to deceive machine learning models, and (2) phishing attackers frequently change their phishing website URLs to evade detection. In this study, we propose a robust, multi-view Transformer model with an expert-mixture mechanism for accurate phishing website detection utilizing website URLs, attributes, content, and behavioral information. Specifically, we first adapted a pretrained language model for URL representation learning by applying adversarial post-training learning in order to extract semantic information from URLs. Next, we captured the attribute, content, and behavioral features of the websites and encoded them as vectors, which, alongside the URL embeddings, constitute the website’s multi-view information. Subsequently, we introduced a mixture-of-experts mechanism into the Transformer network to learn knowledge from different views and adaptively fuse information from various views. The proposed method outperforms state-of-the-art approaches in evaluations of real phishing websites, demonstrating greater performance with less label dependency. Furthermore, we show the superior robustness and enhanced adaptability of the proposed method to unseen samples and data drift in more challenging experimental settings.

show abstract

Section: Methods Leveraging Multi-view Informationmentioning

confidence: 99%