IJSER Home >> Journal >> IJSER
International Journal of Scientific and Engineering Research
ISSN Online 2229-5518
ISSN Print: 2229-5518 3    
Website: http://www.ijser.org
scirp IJSER >> Volume 3,Issue 3,March 2012
Phishing Detection based on Visual-Similarity
Full Text(PDF, )  PP.1-5  
A.V.R.Mayuri., M.Tech, (Ph.D )
Anti-Phishing, Web document analysis, Security, Visual Similarity
Phishing is a form of online fraud that aims to steal a user's sensitive information, such as online banking passwords or credit card numbers. The victim is tricked into entering such information on a web page that is crafted by the attacker so that it mimics a legitimate page. Recent statistics about the increasing number of phishing attacks suggest that this security problem still deserves significant attention. In this paper, we present a novel technique to visually compare a suspected phishing page with the legitimate one. The goal is to determine whether the two pages are suspiciously similar. We identify and consider three page features that play a key role in making a phishing page look similar to a legitimate one. These features are text pieces and their style, images embedded in the page, and the overall visual appearance of the page as rendered by the browser. To verify the feasibility of our approach, we performed an experimental evaluation using a dataset composed of 41 real world phishing pages, along with their corresponding legitimate targets. Our experimental results are satisfactory in terms of false positives and false negatives.
[1] APWG. Phishing Activity Trends - Report for the Month of December, 2007. Technical report, Anti Phishing Working Group, Jan. 2008.

[2] H. Aradhye, G. Myers, and J. Herson. Image analysis for efficient categorization of image-based spam e-mail. Document Analysis and Recognition, 2005.

[3] N. Chou, R. Ledesma, Y. Teraguchi, D. Boneh, and J. Mitchell. Client-side defense against web-based identity theft.

[4] E. Kirda and C. Kruegel. Protecting Users against Phishing Attacks. The Computer Journal, 2006.

[5] E. Medvet, E. Kirda, and C. Kruegel. Visual-Similarity-Based Phishing Detection. Technical Report,

[6] Microsoft. Sender ID Home Page. http://www.microsoft.com/mscorp/safety/technologies/senderid/defau lt.mspx, 2008.

[7] A. Rosiello, E. Kirda, C. Kruegel, and F. Ferrandi. A LayoutSimilarity-Based Approach for Detecting Phishing Pages. IN (SecureComm), 2007.

[8] B. Ross, C. Jackson, N. Miyake, D. Boneh, and J. C. Mitchell. A Browser Plug-In Solution to the Unique Password Problem.

[9] B. Ross, C. Jackson, N. Miyake, D. Boneh, and J. C. Mitchell. Stronger Password Authentication Using Browser Extensions. In 14th Usenix Security Symposium, 2005.

[10] SpoofGuard. Client-side defense against web-based identity theft.

[11] R. Stankovic and B. Falkowski. The Haar wavelet transform: its status and achievements. Computers and Electrical Engineering, 29:25–44, 2003.

Untitled Page