Advertisement

In-depth Evaluation of Content-Based Phishing Detection to Clarify Its Strengths and Limitations

  • Koichiro Komiyama
  • Toshinori Seko
  • Yusuke Ichinose
  • Kei Kato
  • Kohei Kawano
  • Hiroshi Yoshiura
Part of the Communications in Computer and Information Science book series (CCIS, volume 124)

Abstract

Zhang et al. proposed a method for content-based phishing detection (CBD) and reported its high performance in detecting phishing sites written in English. However, the evaluations of the CBD method performed by Zhang et al. and others were small-scale and simply measured the detection and error rates, i.e, they did not analyze the causes of the detection errors. Moreover, the effectiveness of the CBD method with non-English sites, such as Japanese and Chinese language sites, has never been tested. This paper reports our in-depth evaluation and analysis of the CBD method using 843 actual phishing sites (including 475 English and 368 Japanese sites), and explains both the strengths of the CBD method and its limitations. Our work provides a base for using the CBD method in the real world.

Keywords

Phishing attack Network security web 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
  2. 2.
  3. 3.
    Cao, Y., Han, W., Le, Y.: Anti-phishing based on automated individual white-list. In: Proceedings of the 4th ACM workshop on Digital identity management, pp. 51–60 (2008)Google Scholar
  4. 4.
    Zhang, Y., Hong, J., Cranor, L.: acontent-based approach to detecting phishing websites. In: Proceedings of the 16th International Conference on World Wide Web (WWW 2007), pp. 639–648 (2007)Google Scholar
  5. 5.
    Nakayama, S., Echizen, I., Yoshiura, H.: Preventing False Positives in Content-Based Phishing Detection. In: Proceedings of 5th IEEE International Conference on Intelligent Information Hiding and Multimedia Signal Processing, pp. 48–51 (2009)Google Scholar
  6. 6.
    APWG :Phishing Activity Trends Report for the Month of (January 2008), http://www.antiphishing.org/reports/apwg_report_jan_2008.pdf
  7. 7.
    Garera, S., Provos, N., Chew, M., Rubin, A.: A framework for detection and measurement of phishing attacks. In: Proceedings of the 2007 ACM Workshop on Recurring Malcode, pp. 1–8 (2007)Google Scholar
  8. 8.
    Ludl, C., McAllister, S., Kirda, E., Kruegel, C.: On the effectiveness of techniques to detect phishing sites. In: Hämmerli, B.M., Sommer, R. (eds.) DIMVA 2007. LNCS, vol. 4579, pp. 20–39. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  9. 9.
    Ma, J., Saul, L., Savage, S., Voelker, G.: Beyond blacklists: learning to detect malicious web sites from suspicious URLs. In: Proceedings of the 15th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 1245–1254 (2009)Google Scholar
  10. 10.
    Dhamija, R., Tygar, J.: The battle against phishing: Dynamic security skins. In: Proceedings of the 2005 Symposium on Usable Privacy and Security (SOUPS 2005), pp.77–88 (2005) Google Scholar
  11. 11.
    Liu, W., Deng, X., Huang, G., Fu, A.: An Antiphishing Strategy Based on Visual Similarity Assessment. IEEE Internet Computing 10(2), 58–65 (2006)CrossRefGoogle Scholar
  12. 12.
    Pan, Y., Ding, X.: Anomaly based web phishing page detection. In: Proceedings of the 22nd Annual Computer Security Applications Conference (ACSAC 2006), pp. 381–392 (2006) Google Scholar
  13. 13.
    Xiang, G., Hong, J.: A hybrid phish detection approach by identity discovery and keywords retrieval. In: Proceedings of the 18th International Conference on World Wide Web, pp. 571–580 (2009)Google Scholar
  14. 14.
    MeCab : Yet Another Part-of-Speech and Morphological Analyzer, http://mecab.sourceforge.net/
  15. 15.
    Lynx for Win32 (by patakuti): Project Home Page, http://lynx-win32-pata.sourceforge.jp/
  16. 16.

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Koichiro Komiyama
    • 1
  • Toshinori Seko
    • 1
  • Yusuke Ichinose
    • 1
  • Kei Kato
    • 2
  • Kohei Kawano
    • 2
  • Hiroshi Yoshiura
    • 2
  1. 1.JPCERT Coordination CenterTokyoJapan
  2. 2.Graduate school of Electro-CommunicationsUniversity of Electro-CommunicationsTokyoJapan

Personalised recommendations