PhishZoo: Detecting Phishing Websites by Looking at Them

Citations Over TimeTop 10% of 2011 papers

Abstract

Phishing is a security attack that involves obtaining sensitive or otherwise private data by presenting oneself as a trustworthy entity. Phishers often exploit users' trust on the appearance of a site by using web pages that are visually similar to an authentic site. This paper proposes a phishing detection approach - PhishZoo - that uses profiles of trusted websites' appearances to detect phishing. Our approach provides similar accuracy to blacklisting approaches (96%), with the advantage that it can classify zero-day phishing attacks and targeted attacks against smaller sites (such as corporate intranets). A key contribution of this paper is that it includes a performance analysis and a framework for making use of computer vision techniques in a practical way.

Related Papers

• → Lexical feature based phishing URL detection using online learning(2010)193 cited
• → PhishZoo: Detecting Phishing Websites by Looking at Them(2011)184 cited
• → PhishFarm: A Scalable Framework for Measuring the Effectiveness of Evasion Techniques against Browser Phishing Blacklists(2019)100 cited
• → Proactive Discovery of Phishing Related Domain Names(2012)45 cited
• → Intelligent Phishing Website Detection Using Deep Learning(2022)15 cited