Author:
Dadkhah Mehdi,Shamshirband Shahaboddin,Abdul Wahab Ainuddin Wahid
Abstract
Purpose
This paper aims to present a hybrid approach based on classification algorithms that was capable of identifying different types of phishing pages. In this approach, after eliminating features that do not play an important role in identifying phishing attacks and also after adding the technique of searching page title in the search engine, the capability of identifying journal phishing and phishing pages embedded in legal sites was added to the presented approach in this paper.
Design/methodology/approach
The hybrid approach of this paper for identifying phishing web sites is presented. This approach consists of four basic sections. The action of identifying phishing web sites and journal phishing attacks is performed via selecting two classification algorithms separately. To identify phishing attacks embedded in legal web sites also the method of page title searching is used and then the result is returned. To facilitate identifying phishing pages the black list approach is used along with the proposed approach so that the operation of identifying phishing web sites can be performed more accurately, and, finally, by using a decision table, it is judged that the intended web site is phishing or legal.
Findings
In this paper, a hybrid approach based on classification algorithms to identify phishing web sites is presented that has the ability to identify a new type of phishing attack known as journal phishing. The presented approach considers the most used features and adds new features to identify these attacks and to eliminate unused features in the identifying process of these attacks, does not have the problems of previous techniques and can identify journal phishing too.
Originality/value
The major advantage of this technique was considering all of the possible and effective features in identifying phishing attacks and eliminating unused features of previous techniques; also, this technique in comparison with other similar techniques has the ability of identifying journal phishing attacks and phishing pages embedded in legal sites.
Subject
Library and Information Sciences,Computer Science Applications
Reference41 articles.
1. Intelligent phishing detection system for e-banking using fuzzy data mining;Expert Systems with Applications,2010
2. Predicting phishing websites using classification mining techniques with experimental case studies,2010
3. Yahoo sign-in seal and current anti-phishing solutions,2009
4. APD: ARM deceptive phishing detector system phishing detection in instant messengers using data mining approach,2012
5. Bank web sites phishing detection and notification system based on Semantic Web technologies;International Journal of Security & Its Applications,2012
Cited by
4 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献
1. Information Extraction from Security-Related Datasets;2023 46th MIPRO ICT and Electronics Convention (MIPRO);2023-05-22
2. Data Acquisition and Corpus Creation for Phishing Detection;2023 46th MIPRO ICT and Electronics Convention (MIPRO);2023-05-22
3. Classification of Phishing Websites using Machine Learning Models;2023 3rd International conference on Artificial Intelligence and Signal Processing (AISP);2023-03-18
4. An overview of machine learning algorithms for detecting phishing attacks on electronic messaging services;2022 45th Jubilee International Convention on Information, Communication and Electronic Technology (MIPRO);2022-05-23