Phishing Attack Detection using a Search Engine and Heuristics-based Technique

Phishing Attack Detection using a Search Engine and Heuristics-based Technique

Brij B. Gupta (National Institute of Technology, India) and Ankit Kumar Jain (National Institute of Technology, India)
Copyright: © 2020 |Pages: 16
DOI: 10.4018/JITR.2020040106

Abstract

The language used in the textual content of the webpage is the barrier in most of the existing anti-phishing methods. Most of the existing anti-phishing methods can identify the fake webpages written in the English language only. Therefore, we present a search engine-based method in this article, which identifies phishing webpages accurately regardless of the textual language used within the webpage. The proposed search engine-based method uses a lightweight, consistent and language independent search query to detect the legality of the suspicious URL. We have also integrated five heuristics with the search engine-based mechanism to improve the detection accuracy, as some newly created legitimate sites may not appear in the search engine. The proposed method can also correctly classify the newly created legitimate sites that are not classified by available search engine-based methods. Evaluation results show that our method outperforms the available search-based techniques and achieves 98.15% TPR of and only 0.05% FPR.
Article Preview
Top

1. Introduction

Nowadays, the Internet has rapidly grown and become a critical resource for a variety of services such as WWW, e-mail, e-commerce, etc. As the Internet continues to grow, more and more organizations and industries are integrating their existing system with the Internet to increase the revenue. Our daily lives have also become more reliant on Internet-based services for delivery of data services. Moreover, these services store user’s sensitive and personal credentials, and attract cybercriminal for stealing of user’s credential (Gupta et al., 2017; Pejic-Bach, 2010). These events have prompted many cybercriminals who try to take advantage of easy access to the WWW and associated user-centric approaches (Konradt et al., 2016).

Phishing is one of the most dangerous cybercrimes in which attackers steal sensitive credentials from the Internet users such as, bank account details, credit card number, protected password, etc. Phishing is similar to the word ‘fishing’. In fishing, we use bait in order to catch a fish same thing happens in phishing but instead, victim is a normal user using the Internet. The victim of this attack thinks that information is going to the trustworthy party, instead, it is going to the cybercriminals. Cybercriminals use this information for its own advantage not for its intended purpose. Phishing is one of the major problems faced by cyberspace. The statistics of most recent web vulnerability reports revealed that phishing attack stands at peak position among all other cyber-attacks (APWG, 2016).

In this attack, the cybercriminals exploit the vulnerability of innocent Internet users, as many users are not aware of phishing attack (Arachchilagea et al., 2016). Most of the Internet users avoid the warning messages (i.e. security indicators) shown by the web browsers. Moreover, users also do not know the secure sockets layer (SSL) certificate and they are not able to differentiate between genuine and fake uniform resource locators (URLs). The visual deception of the fake website also plays an important factor to catch innocent victims. The appearance of fake website deceives users to believe that they are visiting the correct website. Phishing messages are spread over e-mail, SMS, instant messengers, social networking sites, etc, but e-mail is the popular way to perform this attack.

The motive behind phishing is not only stealing the user’s information, but to install other types of malware, like, Trojan horse, ransomware, etc., in the victim machine (Phishingpro, 2018). Moreover, this brutal attack also creates the negative business impact on electronic commerce, payment gateways, and social media websites (Konradt et al., 2016). Google raised 10 million phishing warning messages every day to their users who wish to visit a fake website and added 10000+ websites in its blacklist (Orman, 2013). According to Anti-Phishing Working Group (APWG) cyber report, 662795 unique phishing websites were detected in 2017 (APWG, 2018). Cybercriminals stole a total of $172bn from consumers in 2017 (Norton Cyber Security, 2017). Moreover, it was found that 76% of organisations had experienced phishing attacks in 2017 (State of the Phish, 2018). Furthermore, 53% of InfoSec professionals reported that they had experienced spear phishing attacks in 2017. (State of the Phish, 2018)

Complete Article List

Search this Journal:
Reset
Open Access Articles
Volume 14: 4 Issues (2021): Forthcoming, Available for Pre-Order
Volume 13: 4 Issues (2020): 3 Released, 1 Forthcoming
Volume 12: 4 Issues (2019)
Volume 11: 4 Issues (2018)
Volume 10: 4 Issues (2017)
Volume 9: 4 Issues (2016)
Volume 8: 4 Issues (2015)
Volume 7: 4 Issues (2014)
Volume 6: 4 Issues (2013)
Volume 5: 4 Issues (2012)
Volume 4: 4 Issues (2011)
Volume 3: 4 Issues (2010)
Volume 2: 4 Issues (2009)
Volume 1: 4 Issues (2008)
View Complete Journal Contents Listing