基于网站结构相似性的钓鱼网站检测

Shoma Tanaka, T. Matsunaka, A. Yamada, A. Kubota
{"title":"基于网站结构相似性的钓鱼网站检测","authors":"Shoma Tanaka, T. Matsunaka, A. Yamada, A. Kubota","doi":"10.1109/DSC49826.2021.9346256","DOIUrl":null,"url":null,"abstract":"The number of phishing sites is increasing and becoming a problem. General phishing sites often have very short lives. Phishers are thought to construct phishing sites using tools such as phishing kits. Phishing sites constructed using the same tools have similar website structures. We propose a new method based on the similarity of website structure information defined by the types and sizes of web resources that make up these websites. Our method can detect phishing sites that is not registered with blocklists or do not have similar URL strings with targeting legitimate sites. In addition, our method can identify phishing sites that differed in appearance but have similar website structures. Our method is particularly effective for detecting phishing sites constructed by the same phishers or using the same tools, as our method identifies structural similarity between websites. We conducted an evaluation to confirm the correctness of our assumption using phishing sites constructed using phishing kits and the PhishTank dataset. We found a large number of phishing sites that were structurally similar to phishing sites constructed using phishing kits. We applied our method to web access logs provided by ordinary Japanese citizens, and detected some unknown phishing sites. We have also examined the possibility of improving our method based on the importance of web resources, determined using the number of occurrences in web access logs.","PeriodicalId":184504,"journal":{"name":"2021 IEEE Conference on Dependable and Secure Computing (DSC)","volume":"22 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-01-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"Phishing Site Detection Using Similarity of Website Structure\",\"authors\":\"Shoma Tanaka, T. Matsunaka, A. Yamada, A. Kubota\",\"doi\":\"10.1109/DSC49826.2021.9346256\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The number of phishing sites is increasing and becoming a problem. General phishing sites often have very short lives. Phishers are thought to construct phishing sites using tools such as phishing kits. Phishing sites constructed using the same tools have similar website structures. We propose a new method based on the similarity of website structure information defined by the types and sizes of web resources that make up these websites. Our method can detect phishing sites that is not registered with blocklists or do not have similar URL strings with targeting legitimate sites. In addition, our method can identify phishing sites that differed in appearance but have similar website structures. Our method is particularly effective for detecting phishing sites constructed by the same phishers or using the same tools, as our method identifies structural similarity between websites. We conducted an evaluation to confirm the correctness of our assumption using phishing sites constructed using phishing kits and the PhishTank dataset. We found a large number of phishing sites that were structurally similar to phishing sites constructed using phishing kits. We applied our method to web access logs provided by ordinary Japanese citizens, and detected some unknown phishing sites. We have also examined the possibility of improving our method based on the importance of web resources, determined using the number of occurrences in web access logs.\",\"PeriodicalId\":184504,\"journal\":{\"name\":\"2021 IEEE Conference on Dependable and Secure Computing (DSC)\",\"volume\":\"22 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-01-30\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 IEEE Conference on Dependable and Secure Computing (DSC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/DSC49826.2021.9346256\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 IEEE Conference on Dependable and Secure Computing (DSC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/DSC49826.2021.9346256","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 5

摘要

网络钓鱼网站的数量正在增加,并成为一个问题。一般的网络钓鱼网站通常寿命很短。网络钓鱼者被认为是使用诸如网络钓鱼工具包之类的工具来构建网络钓鱼网站。使用相同工具构建的钓鱼网站具有相似的网站结构。我们提出了一种基于网站结构信息相似性的新方法,这些相似性由组成这些网站的网络资源的类型和大小所定义。我们的方法可以检测未在阻止列表中注册或与目标合法网站没有相似URL字符串的网络钓鱼网站。此外,我们的方法可以识别外观不同但网站结构相似的网络钓鱼网站。我们的方法对于检测由相同的钓鱼者或使用相同的工具构建的钓鱼网站特别有效,因为我们的方法可以识别网站之间的结构相似性。我们使用使用钓鱼工具包和PhishTank数据集构建的钓鱼网站进行了评估,以确认我们假设的正确性。我们发现大量的网络钓鱼网站在结构上与使用网络钓鱼工具包构建的网络钓鱼网站相似。我们将我们的方法应用到日本普通公民提供的网络访问日志中,发现了一些未知的网络钓鱼网站。我们还检查了基于web资源的重要性改进方法的可能性,使用web访问日志中的出现次数来确定。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
Phishing Site Detection Using Similarity of Website Structure
The number of phishing sites is increasing and becoming a problem. General phishing sites often have very short lives. Phishers are thought to construct phishing sites using tools such as phishing kits. Phishing sites constructed using the same tools have similar website structures. We propose a new method based on the similarity of website structure information defined by the types and sizes of web resources that make up these websites. Our method can detect phishing sites that is not registered with blocklists or do not have similar URL strings with targeting legitimate sites. In addition, our method can identify phishing sites that differed in appearance but have similar website structures. Our method is particularly effective for detecting phishing sites constructed by the same phishers or using the same tools, as our method identifies structural similarity between websites. We conducted an evaluation to confirm the correctness of our assumption using phishing sites constructed using phishing kits and the PhishTank dataset. We found a large number of phishing sites that were structurally similar to phishing sites constructed using phishing kits. We applied our method to web access logs provided by ordinary Japanese citizens, and detected some unknown phishing sites. We have also examined the possibility of improving our method based on the importance of web resources, determined using the number of occurrences in web access logs.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信