Presentation provides an antiphishing approach

1. Presented By:
Shaikh Mussavir Ahemad
SGGS IE &T, Nanded
Intelligent Phishing detection &
protection scheme for online
Transaction

2. Outline
 Introduction
 Methodology
 Feature extraction & analysis
 Experimental procedures
 Conclusions & future work
 References
 Questions

3. Introduction
 What is phishing ?
 Phishing basics
 Phishing information flow
 Visually similar Webpages
 Growth rate of phishing sites
 Approaches of anti phishing
 Objectives of Study

4. What is Phishing?
Definition
 Phishing is an act to fraudulently acquire user’s sensitive
information such as password, credit/debit card number
through illegal website that look exactly like target website

5. Phishing basics
 Visually similar website
 Email containing time constraint
 Fake https certificate
 Attractive offers one phishing webpage
 Attractive games containing link to the phishing webpage

6. Figure:Phishing information flow

7. Visually similar websites

8. Growth rate of phishing sites
According to UK cards association press release report:
 Phishing attacks caused $21.6 million loss between January
& June 2012
 A growth of 28% from June 2011
 Number of websites detected by APWG 63,253 /month

9. Growth rate of phishing sites
 Number of URLs 1,75,229
 Significant growth caused by huge number of phishing
websites created by criminals for financial benefits
 Phishing techniques are improved regularly & getting more
sophisticated

10. Approaches of Antiphishing
Antiphishing approaches are developed to combat the
problem of phishing
The existing approaches are
Feature based
Content based
URL blacklist based

11. Objectives of approach
 Identify & extract phishing features based on five
inputs
 Develop a neuro fuzzy model
 Train & validate the fuzzy inference model on real time
 Maximizing the accuracy of performance and minimizing
false positive & operation time

12. Methodology
Proposed approach utilize Neuro Fuzzy with five inputs
 Neuro fuzzy
 Five inputs

13. Neuro Fuzzy
 Combination of fuzzy logic & neural network
Neuro fuzzy = Fuzzy logic + Neural network
 Allows use of numeric & linguistic properties
 Allows Universal approximation with ability to use fuzzy
IF......Then rules
 Fuzzy logic deal with reasoning on higher level using
numerical and linguistic information from domain
expert
 Neural network perform well when dealing with raw
data

14. Five Inputs
 Five inputs are five tables where features are extracted and
stored for references
 Wholly representative of phishing attack technique and
strategies
 288 features are extracted from these inputs
i. Legitimate site rules
ii. User behavioral profile
iii. Phish tank
iv. User specific sites
v. Pop up from email

15. Five Inputs
 Legitimate site rules
Summary of law covering phishing crime
 User behavioral profile
List of people behavior when interacting with phishing
websites
 Phish tank
Free community website where suspected websites are
verified and voted as a phish by community experts

16. Five Inputs
 User specific sites
Contains binding information between user and online
transaction service provider
 Pop-Ups from Email
Pop-Ups from email are general phrases used by
phishers

17. Feature Extraction And
Analysis
 Extraction is based on the five inputs
 An automated wizard is used to extract features and store
in excel sheet as phishing techniques evolve with time
 Legitimate site rules consist of 66 extracted features
 Based on user behavior profile 60 features are extracted
 Likewise phish tank carries 72 features that are extracted by
exploring 200 phishing websites from phish tank archive

18. Feature Extraction And
Analysis
 Also user specific sites have 48 features extracted by
consulting with bank experts & 20 legal websites
 Equally pop-ups from email consist of 42 features gathered
by observing pop-ups on screen
 These total 288 feature also known as data
 This data is used to differentiate between phishing
,legitimate and suspicious websites accurately
 Most frequent terms are searched by using ‘FIND’
function

19. Feature Extraction And
Analysis
 Consequently the terms that appear often are assigned
a value from 0 to 1 that is
phishing website= 1
Legitimate website= 0
Suspicious website = Any number between 0 to 1
 This strategy facilitate accuracy & reduces
complexity in fuzzy rules

20. Figure: Intelligent phishing detection system overall process diagram

21. Experimental Procedure
Training and testing methods
 2 fold cross validation method is used to train and test the
accuracy and robustness of the proposed model
 Divides data into two parts
i. Training is done on part I
ii. Testing is done on part II
 Then the role of training and testing is reversed
 Finally the results are assembled

22. Conclusion And Future Work
 Study presented is based on neural fuzzy scheme to
detect phishing websites & protect customers
performing online transactions on those sites
 Using 2 fold cross validation the proposed scheme with
five input offer a high accuracy in detecting phishing
sites in real time
 Scheme offers better performance in comparison to
previously reported research
 Primary contribution of this research is the framework
of five input which are the most important elements of
this research

23. Continue….
 Future work is adding more feature & parameters
optimization for a 100% accuracy to develop a plug in
toolbar for real time application

24. References
1. Intelligent phishing detection and protection scheme for online transacti
Original Research Article
Expert Systems with Applications, Volume 40, Issue 11, 1 September
2013, Pages 4697-4706
P.A. Barraclough, M.A. Hossain, M.A. Tahir, G. Sexton, N. Aslam
2.
Intelligent phishing detection system for e-banking using fuzzy data mini
Original Research Article
Expert Systems with Applications, Volume 37, Issue 12, December
2010, Pages 7913-7921
Maher Aburrous, M.A. Hossain, Keshav Dahal, Fadi Thabtah

25. Any Questions??Any Questions??

26. ThankThank
You...You...