Phishing page detection via learning classifiers from page layout feature

Abstract The web technology has become the cornerstone of a wide range of platforms, such as mobile services and smart Internet-of-things (IoT) systems. In such platforms, users’ data are aggregated to a cloud-based platform, where web applications are used as a key interface to access and configure...

Full description

Bibliographic Details
Main Authors: Jian Mao, Jingdong Bian, Wenqian Tian, Shishi Zhu, Tao Wei, Aili Li, Zhenkai Liang
Format: Article
Language:English
Published: SpringerOpen 2019-02-01
Series:EURASIP Journal on Wireless Communications and Networking
Subjects:
Online Access:http://link.springer.com/article/10.1186/s13638-019-1361-0
_version_ 1818315189037039616
author Jian Mao
Jingdong Bian
Wenqian Tian
Shishi Zhu
Tao Wei
Aili Li
Zhenkai Liang
author_facet Jian Mao
Jingdong Bian
Wenqian Tian
Shishi Zhu
Tao Wei
Aili Li
Zhenkai Liang
author_sort Jian Mao
collection DOAJ
description Abstract The web technology has become the cornerstone of a wide range of platforms, such as mobile services and smart Internet-of-things (IoT) systems. In such platforms, users’ data are aggregated to a cloud-based platform, where web applications are used as a key interface to access and configure user data. Securing the web interface requires solutions to deal with threats from both technical vulnerabilities and social factors. Phishing attacks are one of the most commonly exploited vectors in social engineering attacks. The attackers use web pages visually mimicking legitimate web sites, such as banking and government services, to collect users’ sensitive information. Existing phishing defense mechanisms based on URLs or page contents are often evaded by attackers. Recent research has demonstrated that visual layout similarity can be used as a robust basis to detect phishing attacks. In particular, features extracted from CSS layout files can be used to measure page similarity. However, it needs human expertise in specifying how to measure page similarity based on such features. In this paper, we aim to enable automated page-layout-based phishing detection techniques using machine learning techniques. We propose a learning-based aggregation analysis mechanism to decide page layout similarity, which is used to detect phishing pages. We prototype our solution and evaluate four popular machine learning classifiers on their accuracy and the factors affecting their results.
first_indexed 2024-12-13T09:01:34Z
format Article
id doaj.art-40c89f1f2373464bb0cbc620c460814e
institution Directory Open Access Journal
issn 1687-1499
language English
last_indexed 2024-12-13T09:01:34Z
publishDate 2019-02-01
publisher SpringerOpen
record_format Article
series EURASIP Journal on Wireless Communications and Networking
spelling doaj.art-40c89f1f2373464bb0cbc620c460814e2022-12-21T23:53:09ZengSpringerOpenEURASIP Journal on Wireless Communications and Networking1687-14992019-02-012019111410.1186/s13638-019-1361-0Phishing page detection via learning classifiers from page layout featureJian Mao0Jingdong Bian1Wenqian Tian2Shishi Zhu3Tao Wei4Aili Li5Zhenkai Liang6School of Cyber Science and Technology, Beihang UniversitySchool of Cyber Science and Technology, Beihang UniversitySchool of Cyber Science and Technology, Beihang UniversitySchool of Cyber Science and Technology, Beihang UniversityBaidu USA LLC, Bordeaux DriveInformation Technology Service Center, China National Petroleum CorporationSchool of Computing, National University of SingaporeAbstract The web technology has become the cornerstone of a wide range of platforms, such as mobile services and smart Internet-of-things (IoT) systems. In such platforms, users’ data are aggregated to a cloud-based platform, where web applications are used as a key interface to access and configure user data. Securing the web interface requires solutions to deal with threats from both technical vulnerabilities and social factors. Phishing attacks are one of the most commonly exploited vectors in social engineering attacks. The attackers use web pages visually mimicking legitimate web sites, such as banking and government services, to collect users’ sensitive information. Existing phishing defense mechanisms based on URLs or page contents are often evaded by attackers. Recent research has demonstrated that visual layout similarity can be used as a robust basis to detect phishing attacks. In particular, features extracted from CSS layout files can be used to measure page similarity. However, it needs human expertise in specifying how to measure page similarity based on such features. In this paper, we aim to enable automated page-layout-based phishing detection techniques using machine learning techniques. We propose a learning-based aggregation analysis mechanism to decide page layout similarity, which is used to detect phishing pages. We prototype our solution and evaluate four popular machine learning classifiers on their accuracy and the factors affecting their results.http://link.springer.com/article/10.1186/s13638-019-1361-0Anti-phishingMachine learningAggregation analysis
spellingShingle Jian Mao
Jingdong Bian
Wenqian Tian
Shishi Zhu
Tao Wei
Aili Li
Zhenkai Liang
Phishing page detection via learning classifiers from page layout feature
EURASIP Journal on Wireless Communications and Networking
Anti-phishing
Machine learning
Aggregation analysis
title Phishing page detection via learning classifiers from page layout feature
title_full Phishing page detection via learning classifiers from page layout feature
title_fullStr Phishing page detection via learning classifiers from page layout feature
title_full_unstemmed Phishing page detection via learning classifiers from page layout feature
title_short Phishing page detection via learning classifiers from page layout feature
title_sort phishing page detection via learning classifiers from page layout feature
topic Anti-phishing
Machine learning
Aggregation analysis
url http://link.springer.com/article/10.1186/s13638-019-1361-0
work_keys_str_mv AT jianmao phishingpagedetectionvialearningclassifiersfrompagelayoutfeature
AT jingdongbian phishingpagedetectionvialearningclassifiersfrompagelayoutfeature
AT wenqiantian phishingpagedetectionvialearningclassifiersfrompagelayoutfeature
AT shishizhu phishingpagedetectionvialearningclassifiersfrompagelayoutfeature
AT taowei phishingpagedetectionvialearningclassifiersfrompagelayoutfeature
AT ailili phishingpagedetectionvialearningclassifiersfrompagelayoutfeature
AT zhenkailiang phishingpagedetectionvialearningclassifiersfrompagelayoutfeature