We propose a method for efficiently detecting phishing attacks in mobile environments. When a user visits a website of a certain URL, the proposed method first compares the URL to a generated whitelist. If the URL is not in the whitelist, it detects if the site is a phishing site based on the results of Google search with a carefully refined URL. In addition, the phishing detection is performed only when the user provides input to the website, thereby reducing the frequency of invoking phishing detection to decrease the amount of power used. We implemented the proposed method and used 8315 phishing sites and the same number of legitimate websites for evaluating the performance of the proposed method. We achieved a phishing detection rate of 99.22% with 81.22% reduction in energy consumption as compared to existing approaches that also use search engine for phishing detection. Moreover, because the proposed method does not employ any other algorithm, software, or comparison group, the proposed method can be easily deployed.
Hyungkyu LEE
Korea Advanced Institute of Science and Technology (KAIST)
Younho LEE
SeoulTech
Changho SEO
Kongju National University
Hyunsoo YOON
Korea Advanced Institute of Science and Technology (KAIST)
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copy
Hyungkyu LEE, Younho LEE, Changho SEO, Hyunsoo YOON, "Efficient Approach for Mitigating Mobile Phishing Attacks" in IEICE TRANSACTIONS on Communications,
vol. E101-B, no. 9, pp. 1982-1996, September 2018, doi: 10.1587/transcom.2018EBP3020.
Abstract: We propose a method for efficiently detecting phishing attacks in mobile environments. When a user visits a website of a certain URL, the proposed method first compares the URL to a generated whitelist. If the URL is not in the whitelist, it detects if the site is a phishing site based on the results of Google search with a carefully refined URL. In addition, the phishing detection is performed only when the user provides input to the website, thereby reducing the frequency of invoking phishing detection to decrease the amount of power used. We implemented the proposed method and used 8315 phishing sites and the same number of legitimate websites for evaluating the performance of the proposed method. We achieved a phishing detection rate of 99.22% with 81.22% reduction in energy consumption as compared to existing approaches that also use search engine for phishing detection. Moreover, because the proposed method does not employ any other algorithm, software, or comparison group, the proposed method can be easily deployed.
URL: https://global.ieice.org/en_transactions/communications/10.1587/transcom.2018EBP3020/_p
Copy
@ARTICLE{e101-b_9_1982,
author={Hyungkyu LEE, Younho LEE, Changho SEO, Hyunsoo YOON, },
journal={IEICE TRANSACTIONS on Communications},
title={Efficient Approach for Mitigating Mobile Phishing Attacks},
year={2018},
volume={E101-B},
number={9},
pages={1982-1996},
abstract={We propose a method for efficiently detecting phishing attacks in mobile environments. When a user visits a website of a certain URL, the proposed method first compares the URL to a generated whitelist. If the URL is not in the whitelist, it detects if the site is a phishing site based on the results of Google search with a carefully refined URL. In addition, the phishing detection is performed only when the user provides input to the website, thereby reducing the frequency of invoking phishing detection to decrease the amount of power used. We implemented the proposed method and used 8315 phishing sites and the same number of legitimate websites for evaluating the performance of the proposed method. We achieved a phishing detection rate of 99.22% with 81.22% reduction in energy consumption as compared to existing approaches that also use search engine for phishing detection. Moreover, because the proposed method does not employ any other algorithm, software, or comparison group, the proposed method can be easily deployed.},
keywords={},
doi={10.1587/transcom.2018EBP3020},
ISSN={1745-1345},
month={September},}
Copy
TY - JOUR
TI - Efficient Approach for Mitigating Mobile Phishing Attacks
T2 - IEICE TRANSACTIONS on Communications
SP - 1982
EP - 1996
AU - Hyungkyu LEE
AU - Younho LEE
AU - Changho SEO
AU - Hyunsoo YOON
PY - 2018
DO - 10.1587/transcom.2018EBP3020
JO - IEICE TRANSACTIONS on Communications
SN - 1745-1345
VL - E101-B
IS - 9
JA - IEICE TRANSACTIONS on Communications
Y1 - September 2018
AB - We propose a method for efficiently detecting phishing attacks in mobile environments. When a user visits a website of a certain URL, the proposed method first compares the URL to a generated whitelist. If the URL is not in the whitelist, it detects if the site is a phishing site based on the results of Google search with a carefully refined URL. In addition, the phishing detection is performed only when the user provides input to the website, thereby reducing the frequency of invoking phishing detection to decrease the amount of power used. We implemented the proposed method and used 8315 phishing sites and the same number of legitimate websites for evaluating the performance of the proposed method. We achieved a phishing detection rate of 99.22% with 81.22% reduction in energy consumption as compared to existing approaches that also use search engine for phishing detection. Moreover, because the proposed method does not employ any other algorithm, software, or comparison group, the proposed method can be easily deployed.
ER -