Updated News Around the World

A deep learning-based framework to detect phishing websites

phishing
Credit: Pixabay/CC0 Public Domain

Most of us will have received a scam email that looks like it has come from our bank or an online store or other company or organization. They can look genuine but usually hidden within are malicious links that once clicked take you to a third-party server that either steals login details you enter or drops malware on your device. These are phishing emails. The deliberate misspelling of “fish” with a “ph” is related etymologically to the term “phreak” which is an abbreviated portmanteau from the 1960s meaning “phone freak” and alluding to a person who hacked phone systems for pleasure or personal gain.

Some phishing emails may have poor grammar and spelling are rarely perfect or the layout may be askew and not exactly what one would expect from a legitimate organization. Such phishing attacks are relatively easy to spot, but the close-to-perfect ones may well not be and protective systems on one’s device are then needed to avoid the user being duped into clicking a malicious link.

Writing in the International Journal of Information Privacy, Security and Integrity a team from China has developed a deep learning-based framework that might be used to detect phishing websites. Huanhuan Wang, Debin Cheng, and Hui Peng of the Fifth Electronic Research Institute of Ministry of Industry and Information Technology in Guangzhou, China, explain how their framework can extract descriptive and statistical features from a website and then determine whether these features are indicative of a phishing website. The detection of such sites could then be used in online security research and perhaps even be incorporated into browsers to protect unwary users from being phished.

The team has tested their system against two databases, one containing the website address (uniform resource locators, URLs) of 10,000 legitimate and otherwise benign sites and 13,000 URLs found in the PhishTank public dataset of sites that have previously been themselves hooked and identified as malicious. The team has demonstrated a detection accuracy of almost 99 percent, which they say is a significant improvement on earlier phish detection methods. The approach they have taken might also point to new areas of research in this area and the development and optimization of detection systems that can be incorporated into security systems for mobile and desktop devices.


How to trust your instincts to foil phishing attacks


More information:
Huanhuan Wang et al, Phishing website detection method based on CNAIR framework, International Journal of Information Privacy, Security and Integrity (2021). DOI: 10.1504/IJIPSI.2021.119167

Citation:
A deep learning-based framework to detect phishing websites (2021, December 1)
retrieved 1 December 2021
from https://techxplore.com/news/2021-12-deep-learning-based-framework-phishing-websites.html

This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no
part may be reproduced without the written permission. The content is provided for information purposes only.

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! NewsUpdate is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.