Abstract
The credibility of websites is an important factor to prevent malicious attacks such as phishing. These attacks cause huge economic losses, for example attacks to online transaction systems. Most of the existing page-rating solutions, such as PageRank and Alexa Rank, are not designed for detecting malicious websites. The main goal of these solutions is to reflect the popularity and relevance of the websites, which might be manipulated by attackers. Other security-oriented rating schemes, e.g., black/white listed based, voting-based and pagesimilarity- based mechanisms, are limited in the accuracy for new pages, bias in recommendation and low efficiency. To balance the user experience and detection accuracy, inspired by the basic idea of PageRank, we developed a website credibility assessment algorithm based on page association. We prototyped our algorithm and developed a website assessment extension for the Safari browser. The experiment results showed that our method is accurate and effective in assessing websites for threats from phishing with a low performance overhead.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
360. 360 cloud drive, http://yunpan.360.cn/
55tuan. 55tuan, http://user.55tuan.com/toLogin.no?service=http%3A%2F%2Fwww.55tuan.com%2F&casIsLogin=false&source=1
Alexa. What is alexa traffic rank, http://www.alexa.com/help/traffic-learn-more
Chou, N., Ledesma, R., Teraguchi, Y., Boneh, D., Mitchell, J.C.: Client-side defense against web-based identity theft. In: 11th Annual Network and Distributed System Security Symposium. Internet Society, San Diego (2004)
GeoTrust Corp. Geotrust introduces industry first secure consumer search service, http://www.geotrust.com/about/news_events/press/PR_TrustedSearch_092605s.pdf
Microsoft Corp. Microsoft phishing filter: A new approach to build trust in e-commerce, http://www.microsoft.com/downloads/
Kaixin. Kaixin, http://login.kaixin001.com/
Kim, Y.-G., Cho, S., Lee, J.-S., Lee, M.-S., Kim, I.H., Kim, S.H.: Method for evaluating the security risk of a website against phishing attacks. In: Yang, C.C., et al. (eds.) ISI Workshops 2008. LNCS, vol. 5075, pp. 21–31. Springer, Heidelberg (2008)
Layton, R., Brown, S., Watters, P.: Using differencing to increase distinctiveness for phishing website clustering. In: Ubiquitous, Autonomic and Trusted Computing, Symposia and Workshops, Brisbane, pp. 488–492. IEEE (2009)
Manzuo. Manzuo, http://www.manzuo.com/login .
Mao, J., Dong, X., Li, P., Wei, T., Liang, Z.: Rating web pages using page-transition evidence. In: Qing, S., Zhou, J., Liu, D. (eds.) ICICS 2013. LNCS, vol. 8233, pp. 49–58. Springer, Heidelberg (2013)
Mao, J., Li, P., Li, K., Wei, T., Liang, Z.K.: Baitalarm: Detecting phishing sites using similarity in fundamental visual features. In: 5th International Conference on Intelligent Networking and Collaborative Systems, Xi’an, pp. 790–795. IEEE (2013)
Netcraft. Netcraft anti-phishing toolbar, http://toolbar.netcraft.com/
Web of Trust. Web of trust (wot) c crowdsourced web safety, https://www.mywot.com/en/aboutus
Page, L., Brin, S., Motwani, R., Winograd, T.: The pagerank citation ranking: Bringing order to the web. Technical report, Stanford InfoLab
Robichaux, P., Ganger, D.L.: Gone phishing: Evaluating anti-phishing tools for windows. 3Sharp Project Report (September 2006), http://3sharp.com/projects/antiphishing/gonePhishing.pdf
Sheng, S., Wardan, B., Warner, G., Granor, L., Hong, J., Zhang, C.: An empirical analysis of phishing blacklists. In: Sixth Conference on Email and Anti-Spam (2009)
Wikipedia. Back link, http://en.wikipedia.org/wiki/Backlink
Wikipedia. Phishtank, http://en.wikipedia.org/wiki/Phishtank
Zhang, L.H., Wei, T., Li, K., Mao, J., Zhang, C.: A phishing detection method depending on the pagerank. In: 5th Conference on Vulnerability Analysis and Risk Assessment, Shanghai (2012)
Zhuang, W., Ye, Y.F., Li, T., Jiang, Q.S.: Intelligent phishing website detection using classification ensemble. System Engineering - Theory/Practice 31, 2008–2020 (2011)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Li, P., Mao, J., Wang, R., Zhang, L., Wei, T. (2014). A Website Credibility Assessment Scheme Based on Page Association. In: Huang, X., Zhou, J. (eds) Information Security Practice and Experience. ISPEC 2014. Lecture Notes in Computer Science, vol 8434. Springer, Cham. https://doi.org/10.1007/978-3-319-06320-1_9
Download citation
DOI: https://doi.org/10.1007/978-3-319-06320-1_9
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-06319-5
Online ISBN: 978-3-319-06320-1
eBook Packages: Computer ScienceComputer Science (R0)