Adopting Automated Whitelist Approach for Detecting Phishing Attacks

Abstract

Phishing is considered a great scourge in cyberspace. Presently, there are two major challenges known with the existing anti-phishing solutions. Low detection rate and lack of quick access time in a real-time environment. However, it has been established that blacklist solution methods offer quick and immediate access time but with a low detection rate. This research paper presents an automated white-list approach for detecting phishing attacks. The white-list is determined by carrying out a detailed analysis between the visual link and the actual link. The similarities of the known trusted site are calculated by juxtaposing the domain name with the contents of the whitelist and later match it with the IP address before a decision is made and further analyzing the actual link and the visual link by calculating the similarities of the known trusted site. The technique then takes a final decision on the extracted information from the hyperlink, which can also be obtained from the web address provided by the user. The experiments carried out provided a very high level of accuracy, specifically, when the dataset was relatively at the lowest level. Six different datasets were used to perform the experiments. The average accuracy obtained after the six experiments was 96.17% and the approach detects phishing sites with a 95.0% true positive rate. It was observed that the level of accuracy varies from one dataset to another. This result shows that the proposed method performs better than similar approaches benchmarked with. The efficiency of the approach was further established through its computation time, memory, bandwidth as well as other computational resources that were utilized with the minimum requirements when compared with other approaches. This solution has provided immense benefits over the existing solutions by reducing the memory requirements and computational complexity, among other benefits. It has also shown that the proposed method can provide more robust detection performances when compared to other techniques. (c) 2021 Elsevier Ltd. All rights reserved.