The application of a novel neural network in the detection of phishing websites

  • Fang Feng
  • Qingguo Zhou
  • Zebang Shen
  • Xuhui Yang
  • Lihong Han
  • JinQiang Wang
Original Research

Abstract

In recent years, website security incidents have occurred increasingly frequently, which motivates us to study website security. Although there are many approaches to detecting phishing websites, their detection accuracy has not been satisfactory. In this paper, we propose a novel phishing detection model based on a novel neural network classification method. By the design risk minimization principle, this detection model can achieve high accuracy and has good generalization ability. Furthermore, the training process of the novel detection model is simple and stable by virtue of the Monte Carlo algorithm. Based on testing on a set of phishing and benign websites, we have noted that this novel phishing detection model achieves the best Accuracy, True-positive rate (TPR), False-positive rate (FPR), Precision, Recall, F-measure and Matthews Correlation Coefficient (MCC) compared with other models such as Naive Bayes (NB), Logistic Regression (LR), K-Nearest Neighbor (KNN), Decision Tree (DT), Linear Support Vector Machine (LSVM), Radial-Basis Support Vector Machine (RSVM) and Linear Discriminant Analysis (LDA). Furthermore, based upon experiments, we find that the proposed detection model can achieve a high Accuracy of 97.71% and a low FPR of 1.7%. This indicates that the proposed detection model is promising and can be effectively applied to phishing detection.

Keywords

Web security; Phishing detection; Improved neural network; Design risk minimization

Notes

Acknowledgements

This work was supported by National Natural Science Foundation of China under Grant nos. 6140-2210 and 60973137, State Grid Corporation Science and Technology Project under Grant no. SGGSKY00FJJS1700-302, Program for New Century Excellent Talents in University under Grant no. NCET-12-0250, Major National Project of High Resolution Earth Observation System under Grant no. 30-Y20A34-9010-15/17, Strategic Priority Research Program of the Chinese Academy of Sciences with Grant no. XDA03030100, Google Research Awards and Google Faculty Award.

Copyright information

© Springer-Verlag GmbH Germany, part of Springer Nature 2018

Authors and Affiliations

  • Fang Feng (1, 2)
  • Qingguo Zhou (1)
  • Zebang Shen (1)
  • Xuhui Yang (1)
  • Lihong Han (1)
  • JinQiang Wang (1)

  1. School of Information Science and Engineering, Lanzhou University, Lanzhou, China
  2. School of Electronic and Information Engineering, Lanzhou Institute of Technology, Lanzhou, China
