Abstract
Phishing is an identity theft fraud strategy in which users obtain false website links from fraudulent addresses that tend to belong to legitimate and actual companies in order to steal the receiver's personal information. The proposed tool helps users to check the received URLs using the pre-set white-list to determine whether it is legitimate or not. In addition, the tool can test any URL with the database and the results shows that the tool achieved 100% true positive rate and 100% true negative rate. Furthermore, the tool classifies any URL that neither in the database nor is phishing to the URLs in the database as unknown. However, the tool needs to be developed in terms of unknown URLs to be more reliable.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Leite, C., Gondim, J.J., Barreto, P.S., Alchieri, E.A.: Waste flooding: a phishing retaliation tool. In: 2019 IEEE 18th International Symposium on Network Computing and Applications (NCA), pp. 1–8, September 2019
Park, G., Rayz, J.: Ontological detection of phishing emails. In: 2018 IEEE International Conference on Systems, Man, and Cybernetics (SMC), pp. 2858–2863. IEEE, October 2018
Lötter, A., Futcher, L.: A framework to assist email users in the identification of phishing attacks. Inf. Comput. Secur. (2015)
Qabajeh, I., Thabtah, F., Chiclana, F.: A recent review of conventional vs. automated cybersecurity anti-phishing techniques. Comput. Sci. Rev. 29, 44–55 (2018)
Alsharnouby, M., Alaca, F., Chiasson, S.: Why phishing still works: user strategies for combating phishing attacks. Int. J. Hum Comput Stud. 82, 69–82 (2015)
Ghafir, I., et al.: Security threats to critical infrastructure: the human factor. J. Supercomput. 74(10), 4986–5002 (2018). https://doi.org/10.1007/s11227-018-2337-2
Khonji, M., Iraqi, Y., Jones, A.: Mitigation of spear phishing attacks: a content-based authorship identification framework. In: 2011 International Conference for Internet Technology and Secured Transactions, pp. 416–421. IEEE, December 2011
Bergholz, A., Chang, J.H., Paass, G., Reichartz, F., Strobel, S.: Improved phishing detection using model-based features. In: CEAS, August 2008
Phishing activity trends reports. (2020), https://apwg.org/trendsreports/. Accessed 15 Mar 2021
Varshney, G., Misra, M., Atrey, P.K.: A survey and classification of web phishing detection schemes. Secur. Commun. Netw. 9(18), 6266–6284 (2016)
Jain, A.K., Gupta, B.B.: Towards detection of phishing websites on client-side using machine learning based approach. Telecommun. Syst. 68(4), 687–700 (2017). https://doi.org/10.1007/s11235-017-0414-0
Jain, A.K., Gupta, B.B.: Phishing detection: analysis of visual similarity based approaches. Secur. Commun. Netw. (2017)
Moghimi, M., Varjani, A.Y.: New rule-based phishing detection method. Expert Syst. Appl. 53, 231–242 (2016)
Bin, S., Qiaoyan, W., Xiaoying, L.: A DNS based anti-phishing approach. In: 2010 Second International Conference on Networks Security, Wireless Communications and Trusted Computing, Vol. 2, pp. 262–265. IEEE, April 2010
Jain, A.K., Gupta, B.B.: A novel approach to protect against phishing attacks at client side using auto-updated white-list. EURASIP J. Inf. Secur. 2016(1), 1–11 (2016). https://doi.org/10.1186/s13635-016-0034-3
Tan, C.L., Chiew, K.L.: Phishing webpage detection using weighted URL tokens for identity keywords retrieval. In: 9th International Conference on Robotic, Vision, Signal Processing and Power Applications, pp. 133–139. Springer, Singapore (2017)
Herzberg, A., Jbara, A.: Security and identification indicators for browsers against spoofing and phishing attacks. ACM Trans. Internet Technol. (TOIT) 8(4), 1–36 (2008)
Hara, M., Yamada, A., Miyake, Y.: Visual similarity-based phishing detection without victim site information. In: 2009 IEEE Symposium on Computational Intelligence in Cyber Security, pp. 30–36. IEEE, March 2009
Dunlop, M., Groat, S., Shelly, D.: Goldphish: using images for content-based phishing analysis. In: 2010 Fifth International Conference on Internet Monitoring and Protection, pp. 123–128. IEEE, May 2010
Chiew, K.L., Choo, J.S.F., Sze, S.N., Yong, K.S.: Leverage website favicon to detect phishing websites. Secur. Commun. Netw. (2018)
Drury, V., Meyer, U.: Certified phishing: taking a look at public key certificates of phishing websites. In: 15th Symposium on Usable Privacy and Security (SOUPS 2019). USENIX Association, Berkeley, CA, USA, pp. 211–223, August 2019
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Almutairi, A., Alshoshan, A.I. (2022). Developing a Webpage Phishing Attack Detection Tool. In: Arai, K. (eds) Intelligent Computing. SAI 2022. Lecture Notes in Networks and Systems, vol 508. Springer, Cham. https://doi.org/10.1007/978-3-031-10467-1_42
Download citation
DOI: https://doi.org/10.1007/978-3-031-10467-1_42
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-10466-4
Online ISBN: 978-3-031-10467-1
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)