PhishZoo: Detecting Phishing Websites by Looking at Them

PhishZoo: Detecting Phishing Websites by Looking at Them

Phishing is a security attack that involves obtaining sensitive or otherwise private data by presenting oneself as a trustworthy entity. Phishers often exploit users' trust on the appearance of a site by using web pages that are visually similar to an authentic site. This paper proposes a phish...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Afroz, S., Greenstadt, R.
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Accuracy
Browsers
Electronic mail
Feature extraction
HTML
Image matching
Phishing
Security
Social engineering attacks
Visualization
Website matching
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Phishing is a security attack that involves obtaining sensitive or otherwise private data by presenting oneself as a trustworthy entity. Phishers often exploit users' trust on the appearance of a site by using web pages that are visually similar to an authentic site. This paper proposes a phishing detection approach - PhishZoo - that uses profiles of trusted websites' appearances to detect phishing. Our approach provides similar accuracy to blacklisting approaches (96%), with the advantage that it can classify zero-day phishing attacks and targeted attacks against smaller sites (such as corporate intranets). A key contribution of this paper is that it includes a performance analysis and a framework for making use of computer vision techniques in a practical way.
DOI:10.1109/ICSC.2011.52