Skip to Main content Skip to Navigation
New interface
Conference papers

Adversarial Sampling Attacks Against Phishing Detection

Abstract : Phishing websites trick users into believing that they are interacting with a legitimate website, and thereby, capture sensitive information, such as user names, passwords, credit card numbers and other personal information. Machine learning appears to be a promising technique for distinguishing between phishing websites and legitimate ones. However, machine learning approaches are susceptible to adversarial learning techniques, which attempt to degrade the accuracy of a trained classifier model. In this work, we investigate the robustness of machine learning based phishing detection in the face of adversarial learning techniques. We propose a simple but effective approach to simulate attacks by generating adversarial samples through direct feature manipulation. We assume that the attacker has limited knowledge of the features, the learning models, and the datasets used for training. We conducted experiments on four publicly available datasets on the Internet. Our experiments reveal that the phishing detection mechanisms are vulnerable to adversarial learning techniques. Specifically, the identification rate for phishing websites dropped to 70% by manipulating a single feature. When four features were manipulated, the identification rate dropped to zero percent. This result means that, any phishing sample, which would have been detected correctly by a classifier model, can bypass the classifier by changing at most four feature values; a simple effort for an attacker for such a big reward. We define the concept of vulnerability level for each dataset that measures the number of features that can be manipulated and the cost for each manipulation. Such a metric will allow us to compare between multiple defense models.
Document type :
Conference papers
Complete list of metadata

Cited literature [25 references]  Display  Hide  Download
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Thursday, November 28, 2019 - 2:25:53 PM
Last modification on : Thursday, November 28, 2019 - 2:29:02 PM
Long-term archiving on: : Saturday, February 29, 2020 - 4:06:21 PM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Hossein Shirazi, Bruhadeshwar Bezawada, Indrakshi Ray, Charles Anderson. Adversarial Sampling Attacks Against Phishing Detection. 33th IFIP Annual Conference on Data and Applications Security and Privacy (DBSec), Jul 2019, Charleston, SC, United States. pp.83-101, ⟨10.1007/978-3-030-22479-0_5⟩. ⟨hal-02384598⟩



Record views


Files downloads