Hybrid phishing detection using joint visual and textual identity

Colin Tan Choon, Lin and Chiew, Kang Leng and Kelvin Yong, S. C. and Yakub, Sebastian and Joel Than Chia, Ming and Tiong, Wei King (2023) Hybrid phishing detection using joint visual and textual identity. Expert Systems With Applications, 220. pp. 1-16. ISSN 1873-6793

[img] PDF
Hybrid phishing.pdf
Download (441kB)
Official URL: https://www.sciencedirect.com/science/article/pii/...

Abstract

In recent years, phishing attacks have evolved considerably, causing existing adversarial features that were widely utilised for detecting phishing websites to become less discriminative. These developments have fuelled growing interests among security researchers towards an anti-phishing strategy known as the identity-based detection technique. Identity-based detection techniques have consistently achieved high true positive rates in a rapidly changing phishing landscape, owing to its capitalisation on fundamental brand identity relations that are inherent in most legitimate webpages. However, existing identity-based techniques often suffer higher false positive rates due to complexities and challenges in establishing the webpage’s brand identity. To close the existing performance gap, this paper proposes a new hybrid identity-based phishing detection technique that leverages webpage visual and textual identity. Extending earlier anti-phishing work based on the website logo as visual identity, our method incorporates novel image features that mimic human vision to enhance the logo detection accuracy. The proposed hybrid technique integrates the visual identity with a textual identity, namely, brand-specific keywords derived from the webpage content using textual analysis methods. We empirically demonstrated on multiple benchmark datasets that this joint visual-textual identity detection approach significantly improves phishing detection performance with an overall accuracy of 98.6%. Benchmarking results against an existing technique showed comparable true positive rates and a reduction of up to 3.4% in false positive rates, thus affirming our objective of reducing the misclassification of legitimate webpages without sacrificing the phishing detection performance. The proposed hybrid identitybased technique is proven to be a significant and practical contribution that will enrich the anti-phishing community with improved defence strategies against rapidly evolving phishing schemes.

Item Type: Article
Additional Information: Information, Communication and Creative Technology
Uncontrolled Keywords: Phishing detection, Web security, Website identity, Computer vision, Logo detection, Brand names.
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions: Academic Faculties, Institutes and Centres > Faculty of Computer Science and Information Technology
Faculties, Institutes, Centres > Faculty of Computer Science and Information Technology
Academic Faculties, Institutes and Centres > Faculty of Computer Science and Information Technology
Depositing User: Gani
Date Deposited: 02 May 2023 03:54
Last Modified: 16 Jan 2024 00:53
URI: http://ir.unimas.my/id/eprint/41756

Actions (For repository members only: login required)

View Item View Item
UNIMAS Institutional Repository is powered by EPrints 3 which is developed by the School of Electronics and Computer Science at the University of Southampton. More information and software credits.