Abstract
Phishing is a simple but fatal cyber-attack that deceives users to visit a fake website to steal sensitive information such as username, password, and other credentials. The search engine-based phishing detection approaches provide interpretability and credibility well. While, the limitation of these approaches is that it is difficult to choose an accurate search string to collect valid information. The uncertain search results caused by search strings will influence the detection accuracy. This paper proposes a Hacks search based phishing detection approach—Hacks Hit the Phishing (HHP), in which the Hacks search is an advanced search syntax provided by search engines. The approach not only collects valid information accurately by Hacks search syntax, but also can detect phishing sites hosted on compromised servers by the resource decision strategy. From the experimental results, it is observed that HHP achieved an accuracy of 98.3% in Alexa, and 95.59% in openphish.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
APWG: Phishing Activity Trends Report. APWG (2020)
Heijden, A., van der, A.L.: Cognitive triaging of phishing attacks. In: Heninger, N., Traynor, P. (eds.) 28th USENIX Security Symposium, USENIX Security 2019, Santa Clara, CA, USA, 14–16 August 2019, pp. 1309–1326. USENIX Association (2019)
Lee, L.-H., Lee, K.-C., Chen, H.-H., Tseng, Y.-H.: POSTER: proactive blacklist update for anti-phishing. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pp. 1448–1450. Association for Computing Machinery, New York (2014). https://doi.org/10.1145/2660267.2662362
Bell, S., Komisarczuk, P.: An analysis of phishing blacklists: Google safe browsing, OpenPhish, and PhishTank. In: Proceedings of the Australasian Computer Science Week Multiconference. Association for Computing Machinery, New York (2020). https://doi.org/10.1145/3373017.3373020
Nguyen, L.A.T., To, B.L., Nguyen, H.K., Nguyen, M.H.: An efficient approach for phishing detection using single-layer neural network. In: 2014 International Conference on Advanced Technologies for Communications (ATC 2014), pp. 435–440 (2014). https://doi.org/10.1109/ATC.2014.7043427
Xiang, G., Hong, J., Rose, C.P., Cranor, L.: CANTINA+: a feature-rich machine learning framework for detecting phishing web sites. ACM Trans. Inf. Syst. Secur. 14(2), 1–28 (2011)
Wenyin, L., Xiaotie, D., Guanglin, H., Fu, A.Y.: An antiphishing strategy based on visual similarity assessment. IEEE Internet Comp. 10, 58–65 (2006)
Zhang, Y., Hong, J.I., Cranor, L.F.: Cantina: a content-based approach to detecting phishing web sites. In: Proceedings of the 16th International Conference on World Wide Web, pp. 639–648. Association for Computing Machinery, New York (2007). https://doi.org/10.1145/1242572.1242659
Jain, A.K., Gupta, B.B.: Two-level authentication approach to protect from phishing attacks in real time. J. Ambient Intell. Humanized Comput. 9(6), 1783–1796 (2018)
Acknowledgement
This work was supported by the National key research and development program of China (Grant No. 2018YFB1800705), the National Natural Science Foundation of China (Grant No. 61672494).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Zhang, Y., Jin, S. (2021). Hacks Hit the Phish: Phish Attack Detection Based on Hacks Search. In: Liu, Z., Wu, F., Das, S.K. (eds) Wireless Algorithms, Systems, and Applications. WASA 2021. Lecture Notes in Computer Science(), vol 12939. Springer, Cham. https://doi.org/10.1007/978-3-030-86137-7_33
Download citation
DOI: https://doi.org/10.1007/978-3-030-86137-7_33
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-86136-0
Online ISBN: 978-3-030-86137-7
eBook Packages: Computer ScienceComputer Science (R0)