PhishScore: Hacking Phishers' Minds

Abstract : Despite the growth of prevention techniques, phishing remains an important threat since the principal countermeasures in use are still based on reactive URL blacklisting. This technique is inefficient due to the short lifetime of phishing Web sites, making recent approaches relying on real-time or proactive phishing URLs detection techniques more appropriate. In this paper we introduce PhishScore, an automated real-time phishing detection system. We observed that phishing URLs usually have few relationships between the part of the URL that must be registered (upper level domain) and the remaining part of the URL (low level domain, path, query). Hence, we define this concept as intra-URL relatedness and evaluate it using features extracted from words that compose a URL based on query data from Google and Yahoo search engines. These features are then used in machine learning based classification to detect phishing URLs from a real dataset.
Type de document :
Communication dans un congrès
International Conference on Network and Service Management, Nov 2014, Rio de Janeiro, Brazil. IEEE; IFIP, 〈http://www.cnsm-conf.org/2014〉
Liste complète des métadonnées

https://hal.inria.fr/hal-01094238
Contributeur : Jérôme François <>
Soumis le : jeudi 11 décembre 2014 - 21:58:10
Dernière modification le : jeudi 11 janvier 2018 - 06:25:23

Identifiants

  • HAL Id : hal-01094238, version 1

Collections

Citation

Samuel Marchal, Jérôme François, Radu State, Thomas Engel. PhishScore: Hacking Phishers' Minds. International Conference on Network and Service Management, Nov 2014, Rio de Janeiro, Brazil. IEEE; IFIP, 〈http://www.cnsm-conf.org/2014〉. 〈hal-01094238〉

Partager

Métriques

Consultations de la notice

248