TY - GEN
T1 - Visual Similarity-Based Phishing Detection Scheme Using Image and CSS with Target Website Finder
AU - Haruta, Shuichiro
AU - Asahina, Hiromu
AU - Sasase, Iwao
N1 - Funding Information:
This work is partly supported by the Grant in Aid for Scientific Research (C) 17K06440 from Ministry of Education, Sport, Science and Technology, Japan.
Publisher Copyright:
© 2017 IEEE.
PY - 2017/7/1
Y1 - 2017/7/1
N2 - The detection of phishing websites and identifying their target are imperative. Among several phishing detection schemes, the scheme using visual similarity is gathering attention. It takes a screenshot of website and stores it to the database. If the inputted website''s screenshot is similar to database''s one, it is judged as phishing. However, if multiple similar websites exist, the first inputted website is regarded as legitimate. As a result, it cannot correctly detect legitimate website and identifying phishing target becomes difficult. As a second shortcoming, if the screenshot of phishing website is locally different from ones in the database, false negative occurs. In this paper, we propose visual similarity-based phishing detection scheme using image and CSS with target website finder. To remedy first shortcoming, we focus on the fact that legitimate websites are often linked by other websites and regard such website as legitimate and store the screenshot and CSS in the database. Since CSS is a file which defines the websites visual contents, attackers often steal legitimate CSS to mimic the legitimate website. Thus, by detecting the website which plagiarizes appearance or CSS of legitimate website, we detect phishing website and its target simultaneously. Moreover, we can alleviate the second shortcoming by using CSS because it is probable that the websites which have locally different appearance use identical CSS. By computer simulation with real dataset, we demonstrate our scheme improves detection accuracy while finding phishing target.
AB - The detection of phishing websites and identifying their target are imperative. Among several phishing detection schemes, the scheme using visual similarity is gathering attention. It takes a screenshot of website and stores it to the database. If the inputted website''s screenshot is similar to database''s one, it is judged as phishing. However, if multiple similar websites exist, the first inputted website is regarded as legitimate. As a result, it cannot correctly detect legitimate website and identifying phishing target becomes difficult. As a second shortcoming, if the screenshot of phishing website is locally different from ones in the database, false negative occurs. In this paper, we propose visual similarity-based phishing detection scheme using image and CSS with target website finder. To remedy first shortcoming, we focus on the fact that legitimate websites are often linked by other websites and regard such website as legitimate and store the screenshot and CSS in the database. Since CSS is a file which defines the websites visual contents, attackers often steal legitimate CSS to mimic the legitimate website. Thus, by detecting the website which plagiarizes appearance or CSS of legitimate website, we detect phishing website and its target simultaneously. Moreover, we can alleviate the second shortcoming by using CSS because it is probable that the websites which have locally different appearance use identical CSS. By computer simulation with real dataset, we demonstrate our scheme improves detection accuracy while finding phishing target.
UR - http://www.scopus.com/inward/record.url?scp=85046353721&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85046353721&partnerID=8YFLogxK
U2 - 10.1109/GLOCOM.2017.8254506
DO - 10.1109/GLOCOM.2017.8254506
M3 - Conference contribution
AN - SCOPUS:85046353721
T3 - 2017 IEEE Global Communications Conference, GLOBECOM 2017 - Proceedings
SP - 1
EP - 6
BT - 2017 IEEE Global Communications Conference, GLOBECOM 2017 - Proceedings
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2017 IEEE Global Communications Conference, GLOBECOM 2017
Y2 - 4 December 2017 through 8 December 2017
ER -