Adopting automated whitelist approach for detecting phishing attacks

No Thumbnail Available

Date

2021

Authors

Journal Title

Journal ISSN

Volume Title

Publisher

Elsevier Advanced Technology

Research Projects

Organizational Units

Thumbnail Image
Organizational Unit
Computer Engineering
(1998)
The Atılım University Department of Computer Engineering was founded in 1998. The department curriculum is prepared in a way that meets the demands for knowledge and skills after graduation, and is subject to periodical reviews and updates in line with international standards. Our Department offers education in many fields of expertise, such as software development, hardware systems, data structures, computer networks, artificial intelligence, machine learning, image processing, natural language processing, object based design, information security, and cloud computing. The education offered by our department is based on practical approaches, with modern laboratories, projects and internship programs. The undergraduate program at our department was accredited in 2014 by the Association of Evaluation and Accreditation of Engineering Programs (MÜDEK) and was granted the label EUR-ACE, valid through Europe. In addition to the undergraduate program, our department offers thesis or non-thesis graduate degree programs (MS).

Journal Issue

Abstract

Phishing is considered a great scourge in cyberspace. Presently, there are two major challenges known with the existing anti-phishing solutions. Low detection rate and lack of quick access time in a real-time environment. However, it has been established that blacklist solution methods offer quick and immediate access time but with a low detection rate. This research paper presents an automated white-list approach for detecting phishing attacks. The white-list is determined by carrying out a detailed analysis between the visual link and the actual link. The similarities of the known trusted site are calculated by juxtaposing the domain name with the contents of the whitelist and later match it with the IP address before a decision is made and further analyzing the actual link and the visual link by calculating the similarities of the known trusted site. The technique then takes a final decision on the extracted information from the hyperlink, which can also be obtained from the web address provided by the user. The experiments carried out provided a very high level of accuracy, specifically, when the dataset was relatively at the lowest level. Six different datasets were used to perform the experiments. The average accuracy obtained after the six experiments was 96.17% and the approach detects phishing sites with a 95.0% true positive rate. It was observed that the level of accuracy varies from one dataset to another. This result shows that the proposed method performs better than similar approaches benchmarked with. The efficiency of the approach was further established through its computation time, memory, bandwidth as well as other computational resources that were utilized with the minimum requirements when compared with other approaches. This solution has provided immense benefits over the existing solutions by reducing the memory requirements and computational complexity, among other benefits. It has also shown that the proposed method can provide more robust detection performances when compared to other techniques. (c) 2021 Elsevier Ltd. All rights reserved.

Description

Misra, Sanjay/0000-0002-3556-9331; Fernandez-Sanz, Luis/0000-0003-0778-0073; Abdulhamid, Shafi'i Muhammad/0000-0001-9196-9447

Keywords

Phishing, Blacklist, Whitelist, Cybersecurity, False positive, False negative

Turkish CoHE Thesis Center URL

Citation

20

WoS Q

Q2

Scopus Q

Source

Volume

108

Issue

Start Page

End Page

URI

https://doi.org/10.1016/j.cose.2021.102328
 https://hdl.handle.net/20.500.14411/2017

Collections

WOS
Scopus