Combating phishing attacks via brand identity and authorization features

doi:10.1002/sec.1045

CASIA OpenIR > 多模态人工智能系统全国重点实验室 > 模式分析与学习

	Combating phishing attacks via brand identity and authorization features
	Geng, Guanggang 1; Lee, Xiao-Dong 1; Zhang, Yan-Ming2
发表期刊	SECURITY AND COMMUNICATION NETWORKS
	2014-08-08
卷号	8 期号:6 页码:888-898
摘要	Phishing, also called brand spooﬁng, has become the most troubling scam on the Internet, which seriously threatens the Web security. The essence of phish is that “robbers” use false sites, which look like a trustworthy brand site, where favicon, logo and copyright notice are important brand identities. We analyzed 78-day phishing data of PhishTank and Anti-Phishing Working Group (APWG). The statistics show that more than 98.93% phishing sites contain at least one brand entity— favicon, logo or copyright notice. Indeed, only a few lowest-quality phishing campaigns do not use such brand elements. Obviously, brand entities are powerful weapons of phishers to trick users. By analyzing the characteristics of brand entities in phishing sites, several brand identity features are extracted. However, only brand entities do not consider whether the Web page with brand entities belongs to the corresponding brand or has an authorization to use the brand entities. To solve this problem, redirection, incoming links and Domain Name System (DNS) information-based brand authorization features are further extracted to discriminate the sites with branding rights from phishing sites. Based on extracted features, statistical anti-phishing classiﬁcation models are trained. We collected a diverse spectrum of corpora containing 3863 phishing cases from PhishTank and APWG, and 17 571 legitimate samples from DMOZ, Google and DNS resolution log. Experimental evaluations show that the model achieves 98.8% true positive rate and 0.09% false positive rate, which demonstrates the competitive performances of extracted features for statistical anti-phishing in practice.
关键词	Brand Identity Recognition
DOI	10.1002/sec.1045
收录类别	SCI
WOS记录号	WOS:000351877000002
引用统计	被引频次：16[WOS] [WOS记录] [WOS相关记录]
文献类型	期刊论文
条目标识符	http://ir.ia.ac.cn/handle/173211/10837
专题	多模态人工智能系统全国重点实验室_模式分析与学习
作者单位	1.Computer Network Information Center, Chinese Academy of Sciences 2.National Laboratory of Pattern Recognition, Institute of Automation
推荐引用方式 GB/T 7714	Geng, Guanggang,Lee, Xiao-Dong,Zhang, Yan-Ming. Combating phishing attacks via brand identity and authorization features[J]. SECURITY AND COMMUNICATION NETWORKS,2014,8(6):888-898.
APA	Geng, Guanggang,Lee, Xiao-Dong,&Zhang, Yan-Ming.(2014).Combating phishing attacks via brand identity and authorization features.SECURITY AND COMMUNICATION NETWORKS,8(6),888-898.
MLA	Geng, Guanggang,et al."Combating phishing attacks via brand identity and authorization features".SECURITY AND COMMUNICATION NETWORKS 8.6(2014):888-898.

条目包含的文件
文件名称/大小	文献类型	版本类型	开放类型	使用许可
geng2015combating.pd（1133KB）	期刊论文	作者接受稿	开放获取	CC BY-NC-SA	浏览