Review on Phishing Attack Detection Techniques

  • Neel Dholakia
  • Pragati Agrawal
Keywords: Machine Learning, Phishing Detection, Blacklist, Heuristics, Classification

Abstract

Phishing attacks capitalize on human errors and target the vulnerabilities formed due to it. Most of the attacks are aimed at stealing private information from users, which spread via different mechanisms. There is no single solution to this problem to effectively nullify all the attacks but multiple techniques have been developed to defend against these attacks. This paper reviews the work on the detection of phishing attacks. In this paper, we aim to study the techniques which mainly detect and help in preventing phishing attacks rather than mitigating them. A general run-through of the most successful techniques for phishing attack detection has been presented here.

Downloads

Download data is not yet available.

References

[1]E. Khonji, Y. Iraqi, and A. Jones, Phishing detection:a literature survey, pp. 2091–2121. IEEE Communications Surveys and Tutorials, Vol. 15, Issue 4, 2013.
[2]PhishTank, “What is phishing.” https://www.phishtank.com/what is phishing.php. Accessed March 2020.
[3]C. Whittaker, B. Ryner, and M. Nazif, Large-scale automatic classification of phishing pages. NDSS ’10, 2010.
[4]S. Sheng, M. Holbrook, P. Kumaraguru, L. Cranor, and J. Downs, Who falls for phish? a demographic analysis of phishing susceptibility and effectiveness of interventions, p. 373–382. Proceedings of the 28th international conference on Human factors in computing systems, ser. CHI ’10.New York, NY, USA: ACM, 2010.
[5]K. Mitnick, “Phishing attacks are the number one data breach attack vector in the u.k..” https://blog.knowbe4.com/ phishing-attacks-are-the-number-one-data-breach-attack-vector-in-the-u.k. Accessed March 2020.
[6]V. Patil, P. Thakkar, C. Shah, T. Bhat, and S. Godse, Detection and prevention of phishing websites using machine learning approach. Fourth International Conference on Computing Communication Control and Automaton, Pune, India: IEEE, 2018.
[7]Google, “Safe browsing.” https://developers.google.com/safe-browsing. Accessed March 2020.
[8]P. Sandhu, Google safe browsing - web security, p. 283–287. IJCSET: July, Vol 5, Issue 7, 2015.
[9]Microsoft, “Smartscreen faq.” https://support.microsoft.com/en-in/help/ 17443/microsoft-edge-smartscreen-faq. Accessed March 2020.
[10]Y. Zhang, J. Hong, and L. Cranor, Cantina: a content-based approach to detecting phishing web sites, p. 639–648. Proceedings of the 16th international conference on World Wide Web, ser. WWW ’07. New York, NY, USA: ACM, 2007.
[11]T. Phelps and R. Wilensky, Robust Hyperlinks and Locations. D-Lib Magazine, vol. 6, no. 7/8, July, 2000.
[12]G. Xiang, J. Hong, C. P. Rose, and L. Cranor, CANTINA+: A feature-rich machine learning framework for detecting phishing Web sites. ACM Trans. Inf. Syst. Secur. 14, 2, Article 21, 2011.
[13]S. Garera, N. Provos, M. Chew, and L. Rubin, A framework for detection and measurement of phishing attacks, p. 1–8. Proceedings of the 2007 ACM Workshop on Recurring Malcode (WORM’07), 2007.
[14]F. Toolan and J. Carthy, Phishing detection using classifier ensembles,p. 1–9. eCrime Researchers Summit, 2009. eCRIME ’09, 2009.
[15]S. Marchal, G. Armano, T. Gro¨ndahl, K. Saari, N. Singh, and N. Asokan, Off-the-hook: an efficient and usable client-side phishing prevention application, p. 1717–1733. IEEE Transactions on Computers, Vol. 66, Issue 10, Oct., 2017.
[16]S. Abu-Nimeh, D. Nappa, X. Wang, and S. Nair, A comparison of machine learning techniques for phishing detection. Conference: Proceedings of the Anti-Phishing Working Groups 2nd Annual eCrime Researchers Summit 2007, Pittsburgh, Pennsylvania, USA, October, 2007.
[17]A. Akinyelu and A. Adewumi, Classification of phishing email using random forest machine learning technique. Journal of Applied Mathematics, 2014.
[18]B. Wei, R. Hamad, L. Yang, X. He, H. Wang, B. Gao, and W. Woo, A Deep-Learning-Driven Light-Weight Phishing Detection Sensor. Sensor Signal and Information Processing II, 2019.
Published
2020-08-29
How to Cite
Dholakia, N., & Agrawal, P. (2020). Review on Phishing Attack Detection Techniques. Asian Journal For Convergence In Technology (AJCT), 6(2), 41-47. Retrieved from http://asianssr.org/index.php/ajct/article/view/963