An Intelligent Phishing Detection and Protection Scheme using a fusion of Images, Frames and Text

A phishing attack is one of the most common forms of cybercrime worldwide. In recent years, phishing attacks have continued to escalate in severity, frequency and impact. Globally, the attacks cause billions of dollars of losses each year. Cybercriminals use phishing for various illicit activities such as personal identity theft and fraud, and to perpetrate sophisticated corporate-level attacks against financial institutions, healthcare providers, government agencies and businesses. Several solutions using various methodologies have been proposed in the literature to counter web-phishing threats. This research work adopts a novel strategy to the detection and prevention of website phishing attacks, with a practical implementation through development towards a browser toolbar add-in. A three-fold approach to the mitigation of phishing attacks is developed. Firstly, a total of 13,000 features and 10,000 images were collected from both phishing and legitimate websites to collate a database that was used in the current work. This database has been donated to the public domain to promote further work on phishing detection within the wider research community. Secondly, a hybrid feature selection approach is adopted. This approach combines the associated elements of images, frames and text of legitimate and non-legitimate websites which can then be collectively processed by an Artificial Intelligence scheme based on the adaptive neuro-fuzzy inference system (ANFIS). Thirdly, an alternative novel approach is evaluated using two deep learning techniques, the Convoluted Neural Network (CNN) and the Long-Short Term Memory (LSTM) variant as a combined classifier called the Intelligent Phishing Detection System (IPDS). The IPDS is shown to be highly effective both in the detection of phishing attacks and in the identification of fake websites. Experimental results show that an offline approach using the ANFIS has a 98.3% accuracy with an average detection time of 30 seconds, whilst the CNN+LSTM approach has a slightly lower accuracy with an average detection rate of 25 seconds. These times are within typical times for loading a web page which makes toolbar integration into a browser a practical option for website phishing detection in real time. The results of this research are compared with previous work and demonstrates both better or similar detection performance. This is the first work that considers how best to integrate images, text and frames in a hybrid feature-based solution for a phishing detection scheme