Authors: Ankur Mishra; B.B. Gupta
Addresses: National Institute of Technology, Kurukshetra, India ' National Institute of Technology, Kurukshetra, India
Abstract: Today, phishing attack is one of the most common and serious threat over internet. It is used to fraud users and steal their personal information either by using spoofed e-mails or fake websites or both. In this paper, we proposed a novel intelligent phishing detection system, i.e., CSS and URI matching-based phishing detection system (CUMP) to detect zero-day phishing attacks. Our proposed approach is based on the concept of uniform resource identifier (URI) and cascading style sheet (CSS) matching. This concept is used, as phisher always tries to mimic the URI pattern and visual design in the hope that even experienced user will not be able to detect phishing website by visualisation. To mimic the visual appearance, phishers generally use same CSS style. Without using same CSS, it is very difficult to achieve the same design. To defend against phishing websites attacks especially 'zero-day' attacks, our proposed system used the basic properties of any phishing attacks for URI and CSS matching. Our proposed solution is very effective in detecting a wide range of website phishing attacks with TP and TN rate of 93.27% and 100%, respectively and results in less false positive rate.
Keywords: intrusion; spoofing; phishing; website; e-mail; uniform resource identifier; URI; cascading style sheet; CSS; zero-day attack.
International Journal of Information and Communication Technology, 2018 Vol.12 No.1/2, pp.51 - 73
Available online: 08 Nov 2017 *Full-text access for editors Access for subscribers Purchase this article Comment on this article