1,335 research outputs found

    A Survey of Website Phishing Detection Techniques

    This article surveys the literature on website phishing detection. Web phishing lures the user into interacting with a fake website. The main objective of this attack is to steal sensitive information from the user. The attacker creates a similar website that looks like the original website. It allows the attacker to obtain sensitive information such as username, password, credit card details, etc. This paper aims to survey many of the recently proposed website phishing detection techniques. A high-level overview of various types of phishing detection techniques is also presented.

    High Accuracy Phishing Detection Based on Convolutional Neural Networks

    The persistent growth in phishing and the rising volume of phishing websites has led to individuals and organizations worldwide becoming increasingly exposed to various cyber-attacks. Consequently, more effective phishing detection is required for improved cyber defence. Hence, in this paper we present a deep learning-based approach to enable high accuracy detection of phishing sites. The proposed approach utilizes convolutional neural networks (CNN) for high accuracy classification to distinguish genuine sites from phishing sites. We evaluate the models using a dataset obtained from 6,157 genuine and 4,898 phishing websites. Based on the results of extensive experiments, our CNN based models proved to be highly effective in detecting unknown phishing sites. Furthermore, the CNN based approach performed better than traditional machine learning classifiers evaluated on the same dataset, reaching 98.2% phishing detection rate with an F1-score of 0.976. The method presented in this paper compares favourably to the state-of-the-art in deep learning based phishing website detection.

    Effect of Metacognition on Phishing Detection: Mediating Role of Situational Awareness

    The Internet Crime Report by the Federal Bureau of Investigation states that the number of internet crime complaints reaches about half a million cases with reported loss exceeding 3.5 billion dollars in the year 2019 in the United States (US). Phishing attack or phishing scheme is one of the classes of internet crime. A phishing attack is broadly defined by unsolicited email, text, and telephone calls from an imposter individual or business firm. Among all the reported cyberattack types in 2019 in the US, the phishing scheme has the highest number of victims. According to the Federal Trade Commission, scammers carry out phishing attacks primarily to steal internet user credentials, financial information, and social security information from the victims. The phishing attack victims report a loss totaling 57 million dollars in 2019 in the US. Thus, preventing this attack can reduce significant damage. Extant research on phishing attack prevention can be classified into two streams: focusing on the technological factor in phishing detection and focusing on the human factor in phishing detection. The technical stream deals with developing efficient automatic phishing detection systems by using algorithmic approaches and providing effective mitigation techniques after the detection. However, these techniques are effective when the phishing attack is not highly targeted. Focusing on the human factor is critical in phishing detection because humans can deal with unique scenarios. When an attack reaches a user, then the user needs to safeguard themselves. The human factor stream of phishing detection deals with finding the reasons why technology users are susceptible to a phishing attack and making the users aware through training and communication to increase the likelihood of phishing detection at the users' side. Research finds that cybercriminals use persuasion techniques, emergency, and social pressure to attack the users. The user training and awareness studies investigate various approaches such as service policy, warning messages, educational notices, and mindfulness. Metacognitive knowledge, a psychological construct, usually deals with an individual's deeper thought process in any complex and dynamic decision-making environment. Existing literature provides little evidence on how metacognitive knowledge can be beneficial in phishing detection by humans. Thus, an extension of the current literature is to investigate the impact of metacognition in phishing detection. Metacognitive knowledge is vital in the context of phishing detection because it can make the users more aware of the threat. There are three main aspects of metacognitive knowledge, namely declarative knowledge, procedural knowledge, and conditional knowledge, and all three impact situational awareness. Situational awareness (SA) is defined by the perception about the environment, comprehension about the scenario, and projection about the future consequences. SA plays a crucial role in phishing because of the individual's need to assess the vulnerability and decide based on the situation. According to the Situational Awareness Theory (SAT), individual factors are antecedents of SA, and situational decision is a consequence of SA. Using SAT, we argue that an individual's level of metacognitive knowledge impacts phishing detection through the mediating role of situational awareness.

    VisualPhishNet: Zero-Day Phishing Website Detection by Visual Similarity

    Phishing websites are still a major threat in today's Internet ecosystem. Despite numerous previous efforts, similarity-based detection methods do not offer sufficient protection for the trusted websites - in particular against unseen phishing pages. This paper contributes VisualPhishNet, a new similarity-based phishing detection framework, based on a triplet Convolutional Neural Network (CNN). VisualPhishNet learns profiles for websites in order to detect phishing websites by a similarity metric that can generalize to pages with new visual appearances. We furthermore present VisualPhish, the largest dataset to date that facilitates visual phishing detection in an ecologically valid manner. We show that our method outperforms previous visual similarity phishing detection approaches by a large margin while being robust against a range of evasion attacks

    Deep Learning for Phishing Detection: Taxonomy, Current Challenges and Future Directions

    This work was supported in part by the Ministry of Higher Education under the Fundamental Research Grant Scheme under Grant FRGS/1/2018/ICT04/UTM/01/1; and in part by the Faculty of Informatics and Management, University of Hradec Kralove, through SPEV project under Grant 2102/2022. Phishing has become an increasing concern and captured the attention of end-users as well as security experts. Existing phishing detection techniques still suffer from the deficiency in performance accuracy and inability to detect unknown attacks despite decades of development and improvement. Motivated to solve these problems, many researchers in the cybersecurity domain have shifted their attention to phishing detection that capitalizes on machine learning techniques. Deep learning has emerged as a branch of machine learning that becomes a promising solution for phishing detection in recent years. As a result, this study proposes a taxonomy of deep learning algorithm for phishing detection by examining 81 selected papers using a systematic literature review approach. The paper first introduces the concept of phishing and deep learning in the context of cybersecurity. Then, taxonomies of phishing detection and deep learning algorithm are provided to classify the existing literature into various categories. Next, taking the proposed taxonomy as a baseline, this study comprehensively reviews the state-of-the-art deep learning techniques and analyzes their advantages as well as disadvantages. Subsequently, the paper discusses various issues that deep learning faces in phishing detection and proposes future research directions to overcome these challenges. Finally, an empirical analysis is conducted to evaluate the performance of various deep learning techniques in a practical context, and to highlight the related issues that motivate researchers in their future works. The results obtained from the empirical experiment showed that the common issues among most of the state-of-the-art deep learning algorithms are manual parameter-tuning, long training time, and deficient detection accuracy.

    HTMLPhish: Enabling Phishing Web Page Detection by Applying Deep Learning Techniques on HTML Analysis

    Recently, the development and implementation of phishing attacks require little technical skill and cost. This uprising has led to an ever-growing number of phishing attacks on the World Wide Web. Consequently, proactive techniques to fight phishing attacks have become extremely necessary. In this paper, we propose HTMLPhish, a deep learning based data-driven end-to-end automatic phishing web page classification approach. Specifically, HTMLPhish receives the content of the HTML document of a web page and employs Convolutional Neural Networks (CNNs) to learn the semantic dependencies in the textual contents of the HTML. The CNNs learn appropriate feature representations from the HTML document embeddings without extensive manual feature engineering. Furthermore, our proposed approach of the concatenation of the word and character embeddings allows our model to manage new features and ensure easy extrapolation to test data. We conduct comprehensive experiments on a dataset of more than 50,000 HTML documents that provides a distribution of phishing to benign web pages obtainable in the real-world that yields over 93% Accuracy and True Positive Rate. Also, HTMLPhish is a completely language-independent and client-side strategy which can, therefore, conduct web page phishing detection regardless of the textual language.

    Design of Automated Website Phishing Detection using Sequential Mechanism of RCL Algorithm

    Phishing outbreaks on the internet have become a major problem in web safety in recent years. The phishers steal crucial economic data regarding the web user to perform economic break-in. In order to predict phishing websites, many blacklist-based phishing website recognition methods are used in this study. Traditional methods of detecting phishing websites rely on static features and rule-based schemes, which can be evaded by attackers. Recently, Deep Learning (DL) and Machine Learning (ML) models are employed for automated website phishing detection. With this motivation, this study develops an automated website phishing detection using the sequential mechanism of RCL algorithm. The proposed model employs Long-Short-Term Memory (LSTM), Convolutional Neural Network (CNN), and Random Forest (RF) models for the detection of attacks in the URLs and webpages by the similarity measurement of the decoy contents. The proposed model involves three major components, namely RF for URL phishing detection, CNN based phishing webpage detection, and LSTM based website classification (i.e., legitimate and phishing). The experimental result analysis of the RCL technique is tested on the benchmark dataset of Alexa and PhishTank. A comprehensive comparison study highlighted that the RCL algorithm accomplishes enhanced phishing detection performance over other existing techniques in terms of distinct evaluation metrics.