Phishing Detection With Identity Keywords and Target Domain Name

Tan, Colin Choon Lin (2015) Phishing Detection With Identity Keywords and Target Domain Name. Masters thesis, UNIMAS.

[img] PDF
Phishing Detection With Identity Keywords 24pgs.pdf
Restricted to Registered users only

Download (490kB)
[img] PDF (Please get the password by email to repository@unimas.my , or call ext: 082-583914/3973/3933)
Colin.pdf
Restricted to Registered users only

Download (1MB)

Abstract

This thesis describes the research work carried out to address the problem of phishing detection and the weaknesses in existing anti-phishing methods. Phishing works by luring users to counterfeit websites, where highly confidential credentials are requested. To safeguard Internet users against phishing attacks, a hybrid anti-phishing method consisting of text-based, search engine-based and identity-based methods are proposed, where the differences between the target and actual identities of a webpage are exploited for classification. The proposed method can be divided into three phases. The first phase extracts identity keywords from the textual contents of the website, where a novel weighted URL tokens system based on the N-gram model is proposed. The second phase finds the target domain name by using a search engine, and the target domain name is selected based on identity-relevant features. In the final phase, a 3-tier identity matching system exploits indirect identity relationships to conclude the legitimacy of the query webpage. Experiments were conducted over 10,000 datasets, where true positive rate of 99.68% and true negative rate of 92.52% were achieved. Benchmarking results also suggest that the proposed method achieves comparable overall accuracy with three selected conventional methods. In summary, the proposed method has the key advantage of identifying phishing webpages accurately. This key advantage is highly desirable in anti-phishing applications.

Item Type: Thesis (Masters)
Additional Information: Thesis (M.Sc.) -- Universiti Malaysia Sarawak, 2015.
Uncontrolled Keywords: Computer security, Phishing, Internet theft, Internet fraud, Identity theft
Subjects: Q Science > Q Science (General)
Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions: Academic Faculties, Institutes and Centres > Faculty of Computer Science and Information Technology
Faculties, Institutes, Centres > Faculty of Computer Science and Information Technology
Academic Faculties, Institutes and Centres > Faculty of Computer Science and Information Technology
Depositing User: Gani
Date Deposited: 05 Sep 2018 05:19
Last Modified: 24 Aug 2023 04:40
URI: http://ir.unimas.my/id/eprint/21452

Actions (For repository members only: login required)

View Item View Item