3. Introduction
What is phishing?
Phishing basics
Phishing information flow
Visually similar Webpages
Growth rate of phishing sites
Approaches of anti phishing
Objectives of Study
4. What is Phishing?
Definition
Phishing is the act of fraudulently acquiring a user's sensitive
information, such as passwords and credit/debit card numbers,
through an illegal website that looks exactly like the target website
5. Phishing basics
Visually similar website
Email containing time constraint
Fake https certificate
Attractive offers on the phishing webpage
Attractive games containing link to the phishing webpage
8. Growth rate of phishing sites
According to a UK Cards Association press release:
Phishing attacks caused a $21.6 million loss between January
& June 2012
A growth of 28% from June 2011
Number of websites detected by APWG: 63,253 per month
9. Growth rate of phishing sites
Number of URLs: 1,75,229
Significant growth is caused by the huge number of phishing
websites created by criminals for financial benefit
Phishing techniques are improved regularly & are getting more
sophisticated
10. Approaches of Antiphishing
Antiphishing approaches are developed to combat the
problem of phishing
The existing approaches are
Feature based
Content based
URL blacklist based
11. Objectives of approach
Identify & extract phishing features based on five
inputs
Develop a neuro fuzzy model
Train & validate the fuzzy inference model in real time
Maximize the accuracy of performance and minimize
false positives & operation time
13. Neuro Fuzzy
Combination of fuzzy logic & neural network
Neuro fuzzy = Fuzzy logic + Neural network
Allows use of numeric & linguistic properties
Allows universal approximation with the ability to use fuzzy
IF...THEN rules
Fuzzy logic deals with reasoning at a higher level, using
numerical and linguistic information from a domain
expert
Neural networks perform well when dealing with raw
data
14. Five Inputs
The five inputs are five tables where features are extracted and
stored for reference
Wholly representative of phishing attack techniques and
strategies
288 features are extracted from these inputs
i. Legitimate site rules
ii. User behavioral profile
iii. PhishTank
iv. User specific sites
v. Pop up from email
15. Five Inputs
Legitimate site rules
Summary of law covering phishing crime
User behavioral profile
List of people's behavior when interacting with phishing
websites
PhishTank
Free community website where suspected websites are
verified and voted as a phish by community experts
16. Five Inputs
User specific sites
Contains binding information between user and online
transaction service provider
Pop-Ups from Email
Pop-Ups from email are general phrases used by
phishers
17. Feature Extraction And
Analysis
Extraction is based on the five inputs
An automated wizard is used to extract features and store
them in an Excel sheet, as phishing techniques evolve with time
Legitimate site rules consist of 66 extracted features
Based on the user behavior profile, 60 features are extracted
Likewise, PhishTank carries 72 features that are extracted by
exploring 200 phishing websites from the PhishTank archive
18. Feature Extraction And
Analysis
Also, user specific sites have 48 features extracted by
consulting with bank experts & 20 legal websites
Equally, pop-ups from email consist of 42 features gathered
by observing pop-ups on screen
These 288 features in total are also known as the data
This data is used to differentiate between phishing,
legitimate and suspicious websites accurately
The most frequent terms are searched for using the 'FIND'
function
19. Feature Extraction And
Analysis
Consequently, the terms that appear often are assigned
a value from 0 to 1, that is:
Phishing website = 1
Legitimate website = 0
Suspicious website = any number between 0 and 1
This strategy facilitates accuracy & reduces
complexity in the fuzzy rules
21. Experimental Procedure
Training and testing methods
The 2-fold cross validation method is used to train and test the
accuracy and robustness of the proposed model
Divides data into two parts
i. Training is done on part I
ii. Testing is done on part II
Then the role of training and testing is reversed
Finally the results are assembled
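The 2-fold procedure above, as an added Python example (not code from the study): a simple threshold on the mean of the five 0-to-1 scores stands in for the neuro fuzzy model, and the sample scores, labels and function names are constructed for illustration.

```python
from statistics import mean

# Constructed data: five scores in [0, 1] (one per input table) and a label,
# 1 = phishing, 0 = legitimate. Values are illustrative, not from the study.
SAMPLES = [
    ([0.9, 0.8, 1.0, 0.7, 0.9], 1), ([0.1, 0.0, 0.2, 0.1, 0.0], 0),
    ([0.8, 0.9, 0.7, 0.6, 0.8], 1), ([0.2, 0.1, 0.0, 0.3, 0.1], 0),
    ([0.6, 0.5, 0.4, 0.7, 0.8], 0),  # legitimate page that looks suspicious
    ([0.7, 0.6, 0.9, 0.8, 0.6], 1), ([0.3, 0.2, 0.1, 0.4, 0.4], 0),
    ([0.6, 0.7, 0.8, 0.9, 1.0], 1), ([0.0, 0.3, 0.2, 0.1, 0.2], 0),
    ([0.5, 0.4, 0.6, 0.3, 0.7], 1),  # phishing page with a moderate score
]

def fit_threshold(train):
    """Stand-in learner (assumption): cut on the mean score that best fits train."""
    scores = sorted(mean(x) for x, _ in train)
    # Candidate cuts are the midpoints between neighbouring training scores.
    cuts = [(a + b) / 2 for a, b in zip(scores, scores[1:])]
    return max(cuts, key=lambda c: sum((mean(x) >= c) == bool(y) for x, y in train))

def confusion(cut, test):
    """Count tp/fp/tn/fn when a mean score >= cut is flagged as phishing."""
    counts = {"tp": 0, "fp": 0, "tn": 0, "fn": 0}
    for x, y in test:
        flagged = mean(x) >= cut
        key = ("tp" if y else "fp") if flagged else ("fn" if y else "tn")
        counts[key] += 1
    return counts

def two_fold_cv(samples):
    """Train on part I, test on part II, swap the roles, then pool the results."""
    half = len(samples) // 2
    part1, part2 = samples[:half], samples[half:]
    total = {"tp": 0, "fp": 0, "tn": 0, "fn": 0}
    for train, test in ((part1, part2), (part2, part1)):
        fold = confusion(fit_threshold(train), test)
        for k in fold:
            total[k] += fold[k]
    total["accuracy"] = (total["tp"] + total["tn"]) / len(samples)
    total["false_positive_rate"] = total["fp"] / (total["fp"] + total["tn"])
    return total

if __name__ == "__main__":
    print(two_fold_cv(SAMPLES))
```

Pooling the confusion counts from both folds gives one accuracy and one false positive rate over every sample, each of which was tested exactly once by a model that never saw it in training.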
22. Conclusion And Future Work
The study presented is based on a neural fuzzy scheme to
detect phishing websites & protect customers
performing online transactions on those sites
Using 2-fold cross validation, the proposed scheme with
five inputs offers a high accuracy in detecting phishing
sites in real time
The scheme offers better performance in comparison to
previously reported research
The primary contribution of this research is the framework
of five inputs, which are the most important elements of
this research
23. Continued…
Future work is adding more features & parameter
optimization for 100% accuracy, to develop a plug-in
toolbar for real time application
24. References
1. Intelligent phishing detection and protection scheme for online transacti
Original Research Article
Expert Systems with Applications, Volume 40, Issue 11, 1 September
2013, Pages 4697-4706
P.A. Barraclough, M.A. Hossain, M.A. Tahir, G. Sexton, N. Aslam
2. Intelligent phishing detection system for e-banking using fuzzy data mini
Original Research Article
Expert Systems with Applications, Volume 37, Issue 12, December
2010, Pages 7913-7921
Maher Aburrous, M.A. Hossain, Keshav Dahal, Fadi Thabtah