Presentation is loading. Please wait.

Presentation is loading. Please wait.

A New Phishing Detection Approach

Published byViktoria Krüger Modified over 6 years ago

Similar presentations

Presentation on theme: "A New Phishing Detection Approach"— Presentation transcript:

1 A New Phishing E-Mail Detection Approach
Kenneth F. Mbah, Ali A. Ghorbani Information Security Center of Excellence (ISCX), UNB Abstract According to APWG reports of October 2014 through September 2015, the number of unique Phishing reports they received from consumers has tremendously increased from to phishing s . This significant increase in phishing s reported is a proof that the question of privacy is still without any efficient solution. Hence, the contribution of researchers is needed to accurately detect phishing to guarantee safety of users data. Though a myriad of efforts have been made in literature on detecting phishing s, none of them have paid attention on some variant of phishing such as advertisement s and s related to pornography. In this work, we focus detection of all types of deceptive phishing attacks and their variants such as ad and porn s. We propose a novel framework to accurately classify s as phishing or legitimate by defining a set of classification rules based on high quality features. Our system yields about 89% accuracy. Deceptive Phishing attacks Malware-based Phishing attacks Key logger and screen logger phishing attacks Session hijacking attacks Web Trojans attacks Hosts files poisoning attacks Phishing attacks: Experiment 7) System reconfiguration attacks 8) Data theft attacks 9) DNS-Based Phishing attacks 10) Content-injection Phishing attacks 11) Man-in-the middle Phishing attacks 12) Search engine Phishing attacks Dataset : We are using a publicly available Dataset of s to test our framework in which s are labeled as legitimate and 2357 are phishing s. The legitimate s are from both the 2002 and 2003 ham collections, easy and hard, and the phishing ones are from the publicly available phishing corpus. Features FEATURES Redirecting Signs Number of dash IP address in link Domain Length Misleading digits Characters Image src Whois Out Bound Flow @ in link Number of dash and dots in sender’s address Number Of Dots in link Contain Phish words More Slash In Link Contain Porn Words No. of Top level Domain Number of broken Links Digits in link Number of links The system we proposed based on the above selected features helps to accurately detect phishing deceptive s. In the case of live detection, once an is alerted as phishing a reason is being attached to the system’s output and any decision to delete the is left to the user. Our nearest objective is to add the number of features mostly extracted from the sender’s ID in order to greatly increase the detection accuracy. Conclusion & Future Direction

Download ppt "A New Phishing Detection Approach"

Similar presentations

Patient information extraction in digitized X-ray imagery Hsien-Huang P. Wu Department of Electrical Engineering, National Yunlin University of Science.

Patient information extraction in digitized X-ray imagery Hsien-Huang P. Wu Department of Electrical Engineering, National Yunlin University of Science.
Support.ebsco.com Student Research Center Tutorial.

Support.ebsco.com Student Research Center Tutorial.
TrustPort Net Gateway Web traffic protection. WWW.TRUSTPORT.COM Keep It Secure Contents Latest security threats spam and malware Advantages of entry point.

TrustPort Net Gateway Web traffic protection. Keep It Secure Contents Latest security threats spam and malware Advantages of entry point.
Using the Self Service BMC Helpdesk

Using the Self Service BMC Helpdesk
Financial Aid Management System Account Registration and Confirmation.

Financial Aid Management System Account Registration and Confirmation.
Reporter: Jing Chiu Advisor: Yuh-Jye Lee 2015/7/181Data Mining & Machine Learning Lab.

Reporter: Jing Chiu Advisor: Yuh-Jye Lee /7/181Data Mining & Machine Learning Lab.
Detecting Malicious Flux Service Networks through Passive Analysis of Recursive DNS Traces Roberto Perdisci, Igino Corona, David Dagon, Wenke Lee ACSAC.

Detecting Malicious Flux Service Networks through Passive Analysis of Recursive DNS Traces Roberto Perdisci, Igino Corona, David Dagon, Wenke Lee ACSAC.
George Tubin Senior Analyst Consumer Banking © 2005 The Tower Group, Inc. May not be reproduced by any means without express permission. All rights reserved.

George Tubin Senior Analyst Consumer Banking © 2005 The Tower Group, Inc. May not be reproduced by any means without express permission. All rights reserved.
Malware Identification and Classification

Malware Identification and Classification
1 CANTINA : A Content-Based Approach to Detecting Phishing Web Sites WWW 2007 2008.09.09 Yue Zhang, Jason Hong, and Lorrie Cranor.

1 CANTINA : A Content-Based Approach to Detecting Phishing Web Sites WWW Yue Zhang, Jason Hong, and Lorrie Cranor.
Report : 鄭志欣 Advisor: Hsing-Kuo Pao 1 Learning to Detect Phishing Emails I. Fette, N. Sadeh, and A. Tomasic. Learning to detect phishing emails. In Proceedings.

Report : 鄭志欣 Advisor: Hsing-Kuo Pao 1 Learning to Detect Phishing s I. Fette, N. Sadeh, and A. Tomasic. Learning to detect phishing s. In Proceedings.
Design and Evaluation of a Real-Time URL Spam Filtering Service

Design and Evaluation of a Real-Time URL Spam Filtering Service
PHAD- A Phishing Avoidance and Detection Tool Using Invisible Digital Watermarking By Sonali Batra Web 2.0 Security and Privacy 2014.

PHAD- A Phishing Avoidance and Detection Tool Using Invisible Digital Watermarking By Sonali Batra Web 2.0 Security and Privacy 2014.
NCS welcome all participants on behalf of Quick Heal Anti Virus and Fortinet Firewall solution.

NCS welcome all participants on behalf of Quick Heal Anti Virus and Fortinet Firewall solution.
Social Engineering J Nivethan. Social Engineering The process of deceiving people into giving away access or confidential information Onlinne Phone Offline.

Social Engineering J Nivethan. Social Engineering The process of deceiving people into giving away access or confidential information Onlinne Phone Offline.
By Hitesh Ballani, Paul Francis, Xinyang Zhang Slides by Benson Luk for CS 217B.

By Hitesh Ballani, Paul Francis, Xinyang Zhang Slides by Benson Luk for CS 217B.
Network Security: Spam Nick Feamster Georgia Tech CS 6250 Joint work with Anirudh Ramachanrdan, Shuang Hao, Santosh Vempala, Alex Gray.

Network Security: Spam Nick Feamster Georgia Tech CS 6250 Joint work with Anirudh Ramachanrdan, Shuang Hao, Santosh Vempala, Alex Gray.
File Concept l Contiguous logical address space l Types: Data: numeric, character, binary Program: source, object (load image) Documents.

File Concept l Contiguous logical address space l Types: Data: numeric, character, binary Program: source, object (load image) Documents.
Verma - ICISS 2014 R easoning M ining NLP Defense Rakesh M. Verma ReMiND Laboratory Catching Classical and Hijack-based Phishing Attacks.

Verma - ICISS 2014 R easoning M ining NLP Defense Rakesh M. Verma ReMiND Laboratory Catching Classical and Hijack-based Phishing Attacks.
The OWASP Foundation OWASP Chennai 2007 Phishing.

The OWASP Foundation OWASP Chennai Phishing.

Similar presentations

Ads by Google