Phishing-Alarm: Robust and Efficient Phishing Detection via Page Component Similarity

Phishing-Alarm: Robust and Efficient Phishing Detection via Page Component Similarity

Social networks have become one of the most popular platforms for users to interact with each other. Given the huge amount of sensitive data available in social network platforms, user privacy protection on social networks has become one of the most urgent research issues. As a traditional informati...

Full description

Bibliographic Details
Main Authors: Jian Mao, Wenqian Tian, Pei Li, Tao Wei, Zhenkai Liang
Format: Article
Language:English
Published: IEEE 2017-01-01
Series:IEEE Access
Subjects:
Phishing
Web security
browser
privacy protection
Online Access:https://ieeexplore.ieee.org/document/8015116/
id doaj-25f0c5cc95864369a9b66163c0c17381
record_format Article
spelling doaj-25f0c5cc95864369a9b66163c0c173812021-03-29T20:05:07ZengIEEEIEEE Access2169-35362017-01-015170201703010.1109/ACCESS.2017.27435288015116Phishing-Alarm: Robust and Efficient Phishing Detection via Page Component SimilarityJian Mao0https://orcid.org/0000-0002-0404-6466Wenqian Tian1Pei Li2Tao Wei3Zhenkai Liang4School of Electronic and Information Engineering, Beihang University, Beijing, ChinaSchool of Electronic and Information Engineering, Beihang University, Beijing, ChinaSchool of Electronic and Information Engineering, Beihang University, Beijing, ChinaBaidu USA LLC, Sunnyvale, CA, USASchool of Computing, National University of Singapore, SingaporeSocial networks have become one of the most popular platforms for users to interact with each other. Given the huge amount of sensitive data available in social network platforms, user privacy protection on social networks has become one of the most urgent research issues. As a traditional information stealing technique, phishing attacks still work in their way to cause a lot of privacy violation incidents. In a Web-based phishing attack, an attacker sets up scam Web pages (pretending to be an important Website such as a social network portal) to lure users to input their private information, such as passwords, social security numbers, credit card numbers, and so on. In fact, the appearance of Web pages is among the most important factors in deceiving users, and thus, the similarity among Web pages is a critical metric for detecting phishing Websites. In this paper, we present a new solution, called Phishing-Alarm, to detect phishing attacks using features that are hard to evade by attackers. In particular, we present an algorithm to quantify the suspiciousness ratings of Web pages based on the similarity of visual appearance between the Web pages. Since cascading style sheet (CSS) is the technique to specify page layout across browser implementations, our approach uses CSS as the basis to accurately quantify the visual similarity of each page element. As page elements do not have the same influence to pages, we base our rating method on weighted page-component similarity. We prototyped our approach in the Google Chrome browser. Our large-scale evaluation using real-world websites shows the effectiveness of our approach. The proof of concept implementation verifies the correctness and accuracy of our approach with a relatively low performance overhead.https://ieeexplore.ieee.org/document/8015116/PhishingWeb securitybrowserprivacy protection
collection DOAJ
language English
format Article
sources DOAJ
author Jian Mao
Wenqian Tian
Pei Li
Tao Wei
Zhenkai Liang
spellingShingle Jian Mao
Wenqian Tian
Pei Li
Tao Wei
Zhenkai Liang
Phishing-Alarm: Robust and Efficient Phishing Detection via Page Component Similarity
IEEE Access
Phishing
Web security
browser
privacy protection
author_facet Jian Mao
Wenqian Tian
Pei Li
Tao Wei
Zhenkai Liang
author_sort Jian Mao
title Phishing-Alarm: Robust and Efficient Phishing Detection via Page Component Similarity
title_short Phishing-Alarm: Robust and Efficient Phishing Detection via Page Component Similarity
title_full Phishing-Alarm: Robust and Efficient Phishing Detection via Page Component Similarity
title_fullStr Phishing-Alarm: Robust and Efficient Phishing Detection via Page Component Similarity
title_full_unstemmed Phishing-Alarm: Robust and Efficient Phishing Detection via Page Component Similarity
title_sort phishing-alarm: robust and efficient phishing detection via page component similarity
publisher IEEE
series IEEE Access
issn 2169-3536
publishDate 2017-01-01
description Social networks have become one of the most popular platforms for users to interact with each other. Given the huge amount of sensitive data available in social network platforms, user privacy protection on social networks has become one of the most urgent research issues. As a traditional information stealing technique, phishing attacks still work in their way to cause a lot of privacy violation incidents. In a Web-based phishing attack, an attacker sets up scam Web pages (pretending to be an important Website such as a social network portal) to lure users to input their private information, such as passwords, social security numbers, credit card numbers, and so on. In fact, the appearance of Web pages is among the most important factors in deceiving users, and thus, the similarity among Web pages is a critical metric for detecting phishing Websites. In this paper, we present a new solution, called Phishing-Alarm, to detect phishing attacks using features that are hard to evade by attackers. In particular, we present an algorithm to quantify the suspiciousness ratings of Web pages based on the similarity of visual appearance between the Web pages. Since cascading style sheet (CSS) is the technique to specify page layout across browser implementations, our approach uses CSS as the basis to accurately quantify the visual similarity of each page element. As page elements do not have the same influence to pages, we base our rating method on weighted page-component similarity. We prototyped our approach in the Google Chrome browser. Our large-scale evaluation using real-world websites shows the effectiveness of our approach. The proof of concept implementation verifies the correctness and accuracy of our approach with a relatively low performance overhead.
topic Phishing
Web security
browser
privacy protection
url https://ieeexplore.ieee.org/document/8015116/
work_keys_str_mv AT jianmao phishingalarmrobustandefficientphishingdetectionviapagecomponentsimilarity
AT wenqiantian phishingalarmrobustandefficientphishingdetectionviapagecomponentsimilarity
AT peili phishingalarmrobustandefficientphishingdetectionviapagecomponentsimilarity
AT taowei phishingalarmrobustandefficientphishingdetectionviapagecomponentsimilarity
AT zhenkailiang phishingalarmrobustandefficientphishingdetectionviapagecomponentsimilarity
_version_ 1724195282098323456

Similar Items