Skip to main content
SpringerLink
Log in

A lightweight and proactive rule-based incremental construction approach to detect phishing scam

  • Published:
Information Technology and Management Aims and scope Submit manuscript

Abstract

The development of digitization over the globe has made digital security inescapable. As every single article on this planet is being digitalized quickly, it is more important to protect those items. Numerous cyber threats effectively deceive ordinary individuals to take away their identifications. Phishing is a kind of social engineering attack where the hackers are using this kind of attack in modern days to steal the user's credentials. After a systematic research analysis of phishing technique and email scam, an intrusion detection system in chrome extension is developed. This technique is used to detect real-time phishing by examining the URL, domain, content and page attributes of an URL prevailing in an email and any web page portion. Considering the reliability, robustness and scalability of an efficient phishing detection system, we designed a lightweight and proactive rule-based incremental construction approach to detect any unknown phishing URLs. Due to the computational intelligence and nondependent of the blacklist signatures, this application can detect the zero-day and spear phishing attacks with a detection rate of 89.12% and 76.2%, respectively. The true positive values acquired in our method is 97.13% and it shows less than 1.5% of false positive values. Thus the application shows the precision level higher than the previous model developed and other phishing techniques. The overall results indicate that our framework outperforms the existing method in identifying phishing URLs.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14
Fig. 15
Fig. 16
Fig. 17
Fig. 18
Fig. 19
Fig. 20
Fig. 21
Fig. 22

Similar content being viewed by others

References

  1. Kumar S, Ben-Othman J, Srinivasagan KG and Krishnan U (2019) Artificial intelligence managed network defense system against port scanning outbreaks. In: Proceedings of the International Conference on Vision Towards Emerging Trends in Communication and Networking (ViTECoN), IEEE Xplore, (March 2019), p 1–5. https://doi.org/10.1109/ViTECoN.2019.8899380

  2. Bullee J-W, Montoya L, Junger M, Hartel P (2017) Spear phishing in organisations explained. Inf Comput Secur 25(5):593–613. https://doi.org/10.1108/ICS-03-2017-0009

    Article  Google Scholar 

  3. Lakhita SY, Bohra B, Pooja M (2015) A review on recent phishing attacks in Internet. In: Proceedings of the 2015 International Conference on Green Computing and Internet of Things (ICGCIoT) (ICGCIOT' 15). IEEE Computer Society, USA, p 1312–1315. https://doi.org/10.1109/ICGCIoT.2015.7380669

  4. Sumner A and Yuan X (2019) Mitigating Phishing Attacks: An Overview. In: Proceedings of the 2019 ACM Southeast Conference (ACM SE' 19). Association for Computing Machinery, New York, NY, USA, p 72–77. https://doi.org/10.1145/3299815.3314437

  5. Ghafir I, Prenosil V, Hammoudeh M, Aparicio-Navarro FJ, Rabie K, and Jabban A (2018) Disguised executable files in spear-phishing emails: detecting the point of entry in advanced persistent threat. In: Proceedings of the 2nd International Conference on Future Networks and Distributed Systems (ICFNDS' 18). Association for Computing Machinery, New York, NY, USA, Article 44, 1–5. https://doi.org/10.1145/3231053.3231097

  6. Verizon.com, Inc. 2019. Data Breach Investigations Report. Retrieved from https://enterprise.verizon.com/resources/reports/2019-data-breach-investigations-report.pdf

  7. Phislab.com, Inc. 2019. Phishing Trends and Intelligence Report. Retrieved from https://info.phishlabs.com/hubfs/2019%20PTI%20Report/2019%20Phishing%20Trends%20and%20Intelligence%20Report.pdf

  8. Ic3.gov, Inc. 2018. Internet Crime Complaint Center - Internet Crime Report. Retrieved from https://pdf.ic3.gov/2018_IC3Report.pdf

  9. Li F, Lai A and Ddl D (2011) Evidence of Advanced Persistent Threat: A case study of malware for political espionage, 2011. In: 6th International Conference on Malicious and Unwanted Software. Fajardo. pp. 102-109. https://doi.org/10.1109/MALWARE.2011.6112333

  10. Hong J (2012) The state of phishing attacks. Commun ACM 55(1):74–81. https://doi.org/10.1145/2063176.2063197

    Article  Google Scholar 

  11. Satheesh Kumar M, Srinivasagan KG, Ben-Othman J (2019) Sniff-phish: a novel framework for resource intensive computation in cloud to detect email scam. Trans Emerging Tel Tech. https://doi.org/10.1002/ett.3590

    Article  Google Scholar 

  12. Dhamija R, Tygar JD, and Hearst M (2006) Why phishing works. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (CHI' 06). Association for Computing Machinery, New York, NY, USA, p 581–590. https://doi.org/10.1145/1124772.1124861

  13. Alsharnouby M, Alaca F, Chiasson S (2015) Why phishing still works. Int J Hum Comput Stud 82(C):69–82. https://doi.org/10.1016/j.ijhcs.2015.05.005

    Article  Google Scholar 

  14. Orunsolu AA, Sodiya AS and Akinwale AT (2019) A predictive model for phishing detection. J King Saud Univ. Comput Inf Sci. https://doi.org/10.1016/j.jksuci.2019.12.005

  15. Le A, Markopoulou A and Faloutsos M (2011) PhishDef: URL names say it all. In: Proceedings IEEE INFOCOM, Shanghai. (June 2011). P 191–195. https://doi.org/10.1109/INFCOM.2011.5934995

  16. Sonowal G, Kuppusamy KS (2017) PhiDMA – A phishing detection model with multi-filter approach. J King Saud Univ Comput Inf Sci. https://doi.org/10.1016/j.jksuci.2017.07.005

    Article  Google Scholar 

  17. Niakanlahiji A, Chu B and Al-Shaer E (2018) PhishMon: a Machine Learning Framework for Detecting Phishing Webpages. In: IEEE International Conference on Intelligence and Security Informatics (ISI). Miami. FL (November 2018). p 220–225. https://doi.org/10.1109/ISI.2018.8587410

  18. Moghimi M, Varjani AY (2016) New rule-based phishing detection method. Expert Syst Appl 53:231–242. https://doi.org/10.1016/j.eswa.2016.01.028

    Article  Google Scholar 

  19. Zhang J, Pan Y, Wang Z and Liu B (2017) URL based gateway side phishing detection method. IEEE Trustcom/BigDataSE/ISPA. Tianjin. 268–275. https://doi.org/10.1109/TrustCom.2016.0073

  20. Verma R and Das A (2017) What's in a URL: Fast Feature Extraction and Malicious URL Detection. In: Proceedings of the 3rd ACM on International Workshop on Security And Privacy Analytics (IWSPA' 17). Association for Computing Machinery, New York, NY, USA, p 55–63. https://doi.org/10.1145/3041008.3041016

  21. Yue C and Wang H (2010) BogusBiter: a transparent protection against phishing attacks. ACM Trans Internet Technol 10(2):31, Article 6. https://doi.org/10.1145/1754393.1754395

  22. Shreeram V, Suban M, Shanthi P & Manjula K (2010) Anti-phishing detection of phishing attacks using genetic algorithm. In: Proceedings of the International Conference on Communication Control and Computing Technologies, p 447–450

  23. Nguyen LAT, Nguyen HK, To BL (2016) An efficient approach based on neuro-fuzzy for phishing detection. J Autom Control Eng. https://doi.org/10.12720/joace.4.2.159-165

    Article  Google Scholar 

  24. Pao H-K, Chou Y-L, and Lee Y-J (2012) Malicious URL Detection Based on Kolmogorov Complexity Estimation. In: Proceedings of the The 2012 IEEE/WIC/ACM International Joint Conferences on Web Intelligence and Intelligent Agent Technology - Volume 01 (WI-IAT' 12). IEEE Computer Society, USA, p 380–387

  25. Le A, Markopoulou A and Faloutsos M (2011) PhishDef: URL names say it all. In: 2011 Proceedings IEEE INFOCOM, Shanghai, China, p 191-195. https://doi.org/10.1109/INFCOM.2011.5934995

  26. Xiang G, Hong J, Rose CP, and Cranor L (2011) CANTINA+: A feature-rich machine learning framework for detecting phishing web sites. ACM Trans Inf Syst Secur 14(2):28 Article 21. https://doi.org/10.1145/2019599.2019606

  27. Mohammad RM, Thabtah F, McCluskey L (2014) Predicting phishing websites based on self-structuring neural network. Neural Comput Appl 25:443–458. https://doi.org/10.1007/s00521-013-1490-z

    Article  Google Scholar 

  28. Jeeva SC, Rajsingh EB (2016) Intelligent phishing url detection using association rule mining. Hum Cent Comput Inf Sci 6:10. https://doi.org/10.1186/s13673-016-0064-3

    Article  Google Scholar 

  29. Zouina M, Outtaj B (2017) A novel lightweight URL phishing detection system using SVM and similarity index. Hum Cent Comput Inf Sci 7:17. https://doi.org/10.1186/s13673-017-0098-1

    Article  Google Scholar 

  30. Feng F, Zhou Q, Shen Z et al (2018) The application of a novel neural network in the detection of phishing websites. J Ambient Intell Human Comput. https://doi.org/10.1007/s12652-018-0786-3

    Article  Google Scholar 

  31. Smadi S, Aslam N, Zhang L (2018) Detection of online phishing email using dynamic evolving neural network based on reinforcement learning. Decis Support Syst 107:88–102

    Article  Google Scholar 

  32. Rao R, Pais A (2018) Detection of phishing websites using an efficient feature-based machine learning framework. Neural Comput Appl 31(8):3851–3873

    Article  Google Scholar 

  33. Jain AK, Gupta BB (2016) A novel approach to protect against phishing attacks at client side using auto-updated white-list. EURASIP J Inf Secur 1(9):1–11

    Google Scholar 

  34. Babagoli M, Aghababa MP, Solouk V (2019) Heuristic nonlinear regression strategy for detecting phishing websites. Soft Comput 23(12):4315–4327

    Article  Google Scholar 

  35. Chhabra S, Aggarwal A, Benevenuto F, and Kumaraguru P (2011) Phi.sh/$oCiaL: the phishing landscape through short URLs. In: Proceedings of the 8th Annual Collaboration, Electronic messaging, Anti-Abuse and Spam Conference (CEAS' 11). Association for Computing Machinery, New York, NY, USA, p 92–101. https://doi.org/10.1145/2030376.2030387

  36. SSL Labs. SSL test for the public web servers. 2019. https://www.ssllabs.com/ssltest/

  37. Aleroud A, Zhou L (2017) Phishing environments, techniques, and countermeasures: a survey. Comput Secur. https://doi.org/10.1016/j.cose.2017.04.006

    Article  Google Scholar 

  38. Varshney G, Misra M, Atrey PK (2016) A survey and classification of web phishing detection schemes. Secur Commun Netw 9:6266–6284. https://doi.org/10.1002/sec.1674

    Article  Google Scholar 

  39. Sahoo D, Liu C, and Hoi SCH (2019) Malicious URL detection using machine learning: a survey. 1(1):37 pages.

  40. Meiss MR, Menczer F, Fortunato S, Flammini A, and Vespignani A (2008) Ranking web sites with real user traffic. In: Proceedings of the 2008 International Conference on Web Search and Data Mining (WSDM' 08). Association for Computing Machinery, New York, NY, USA, p 65–76. https://doi.org/10.1145/1341531.1341543

  41. Althobaiti K, Rummani G and Vaniea K (2049). A Review of Human- and Computer-Facing URL Phishing Features. In: IEEE European Symposium on Security and Privacy Workshops (EuroS&PW). Stockholm. Sweden. (August 2019). p 182–191. https://doi.org/10.1109/EuroSPW.2019.00027

  42. PhishTank. An anti-phishing site: phishing dataset (2019). http://www.phishtank.com

  43. IsItPhishing. Anti phishing tools and information (2019). http://www.isitphishing.org

  44. Enron email dataset (2019). https://www.cs.cmu.edu/~./enron

  45. Millersmiles sam report (2019). http://www.millersmiles.co.uk/archives.php

  46. Tumblr-targeted email attacks (2019). http://targetedemailattacks.tumblr.com

  47. Alexa. Top sites service (2019). https://www.alexa.com/topsites

  48. StuffGate. Free online website analyzer (2019). http://stuffgate.com/stuff/website/top-1000-sites

  49. Garera S, Provos N, Chew M, and Rubin AD (2007) A framework for detection and measurement of phishing attacks. In: Proceedings of the 2007 ACM workshop on Recurring malcode (WORM' 07). Association for Computing Machinery, New York, NY, USA, p 1–8. https://doi.org/10.1145/1314389.1314391

  50. Basnet RB, Doleck T (2015) Towards developing a tool to detect phishing urls: A machine learning approach. In: Computational Intelligence & Communication Technology (CICT), 2015 IEEE International Conference on (pp. 220–223). IEEE.

  51. Tan CL, Chiew KL et al. (2017) Phishing webpage detection using weighted url tokens for identity keywords retrieval. In: 9th International Conference on Robotic, Vision, Signal Processing and Power Applications (pp. 133–139). Springer.

  52. Chang EH, Chiew KL, Tiong WK et al. (2013) Phishing detection via identification of website identity. In: IT Convergence and Security (ICITCS), 2013 International Conference on (pp. 1–4). IEEE.

  53. Chiew KL, Chang EH, Sze SN, Tiong WK (2015) Utilisation of website logo for phishing detection. Comput Secur 54:16–26. https://doi.org/10.1016/j.cose.2015.07.006

    Article  Google Scholar 

  54. Prakash P, Kumar M, Kompella RR, and Gupta M (2010) Phishnet: predictive blacklisting to detect phishing attacks. In: INFOCOM, 2010 Proceedings IEEE.

Download references

Author information

Authors and Affiliations

  1. Department of ECE, National Engineering College, K.R.Nagar, Kovilpatti, TamilNadu, India

    M. SatheeshKumar

  2. Department of IT, National Engineering College, K.R.Nagar, Kovilpatti, TamilNadu, India

    K. G. Srinivasagan

  3. Mindtree, Hyderabad, India

    G. UnniKrishnan

Authors
  1. M. SatheeshKumar
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. K. G. Srinivasagan
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. G. UnniKrishnan
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to M. SatheeshKumar.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

SatheeshKumar, M., Srinivasagan, K.G. & UnniKrishnan, G. A lightweight and proactive rule-based incremental construction approach to detect phishing scam. Inf Technol Manag 23, 271–298 (2022). https://doi.org/10.1007/s10799-021-00351-7

Download citation

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10799-021-00351-7

Keywords

Search

Navigation