{"title":"金钱说话:通过分析其建设成本检测一次性网络钓鱼网站","authors":"Daiki Ito, Yuta Takata, Masaki Kamizono","doi":"10.1109/TPS-ISA56441.2022.00022","DOIUrl":null,"url":null,"abstract":"Websites unfortunately play a powerful role in delivering malicious content to users during cyberattacks. In particular, the threat of phishing websites that tricks users by abusing their corporate and brand names is increasing. Building a website requires infrastructure costs (e.g., domain name fees) and operational costs (e.g., managing server settings). Additionally, many companies spend considerable resources managing their own IT assets and security countermeasures. Even when phishing websites are taken down, attackers persist by scrapping and rebuilding them, as doing so is inexpensive. Notably, there are significant differences in website building costs between companies and attackers. In this study, we propose a method of analyzing the costs incurred in a process of building websites from domain name registration to website deployment to detect phishing websites. We evaluate our method using data from 1,082 large corporate websites and 1,163 phishing websites. As a result, our method achieves a detection performance of 95% precision and 96% recall. In addition, we show that our method still achieves a 95% recall for 866 phishing websites even after six months and the indicator of website building costs is robust to concept drift. We further discuss the applicability of the cost indicator.","PeriodicalId":427887,"journal":{"name":"2022 IEEE 4th International Conference on Trust, Privacy and Security in Intelligent Systems, and Applications (TPS-ISA)","volume":"96 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Money Talks: Detection of Disposable Phishing Websites by Analyzing Its Building Costs\",\"authors\":\"Daiki Ito, Yuta Takata, Masaki Kamizono\",\"doi\":\"10.1109/TPS-ISA56441.2022.00022\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Websites unfortunately play a powerful role in delivering malicious content to users during cyberattacks. In particular, the threat of phishing websites that tricks users by abusing their corporate and brand names is increasing. Building a website requires infrastructure costs (e.g., domain name fees) and operational costs (e.g., managing server settings). Additionally, many companies spend considerable resources managing their own IT assets and security countermeasures. Even when phishing websites are taken down, attackers persist by scrapping and rebuilding them, as doing so is inexpensive. Notably, there are significant differences in website building costs between companies and attackers. In this study, we propose a method of analyzing the costs incurred in a process of building websites from domain name registration to website deployment to detect phishing websites. We evaluate our method using data from 1,082 large corporate websites and 1,163 phishing websites. As a result, our method achieves a detection performance of 95% precision and 96% recall. In addition, we show that our method still achieves a 95% recall for 866 phishing websites even after six months and the indicator of website building costs is robust to concept drift. We further discuss the applicability of the cost indicator.\",\"PeriodicalId\":427887,\"journal\":{\"name\":\"2022 IEEE 4th International Conference on Trust, Privacy and Security in Intelligent Systems, and Applications (TPS-ISA)\",\"volume\":\"96 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 IEEE 4th International Conference on Trust, Privacy and Security in Intelligent Systems, and Applications (TPS-ISA)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/TPS-ISA56441.2022.00022\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 IEEE 4th International Conference on Trust, Privacy and Security in Intelligent Systems, and Applications (TPS-ISA)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/TPS-ISA56441.2022.00022","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Money Talks: Detection of Disposable Phishing Websites by Analyzing Its Building Costs
Websites unfortunately play a powerful role in delivering malicious content to users during cyberattacks. In particular, the threat of phishing websites that tricks users by abusing their corporate and brand names is increasing. Building a website requires infrastructure costs (e.g., domain name fees) and operational costs (e.g., managing server settings). Additionally, many companies spend considerable resources managing their own IT assets and security countermeasures. Even when phishing websites are taken down, attackers persist by scrapping and rebuilding them, as doing so is inexpensive. Notably, there are significant differences in website building costs between companies and attackers. In this study, we propose a method of analyzing the costs incurred in a process of building websites from domain name registration to website deployment to detect phishing websites. We evaluate our method using data from 1,082 large corporate websites and 1,163 phishing websites. As a result, our method achieves a detection performance of 95% precision and 96% recall. In addition, we show that our method still achieves a 95% recall for 866 phishing websites even after six months and the indicator of website building costs is robust to concept drift. We further discuss the applicability of the cost indicator.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
