PhishZoo: Detecting phishing websites by looking at them

Sadia Afroz, Rachel Greenstadt

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Abstract

    Phishing is a security attack that involves obtaining sensitive or otherwise private data by presenting oneself as a trustworthy entity. Phishers often exploit users' trust on the appearance of a site by using webpages that are visually similar to an authentic site. This paper proposes a phishing detection approach-PhishZoo-that uses profiles of trusted websites' appearances to detect phishing. Our approach provides similar accuracy to blacklisting approaches (96%), with the advantage that it can classify zero-day phishing attacks and targeted attacks against smaller sites (such as corporate intranets). A key contribution of this paper is that it includes a performance analysis and a framework for making use of computer vision techniques in a practical way.

    Original languageEnglish (US)
    Title of host publicationProceedings - 5th IEEE International Conference on Semantic Computing, ICSC 2011
    Pages368-375
    Number of pages8
    DOIs
    StatePublished - 2011
    Event5th Annual IEEE International Conference on Semantic Computing, ICSC 2011 - Palo Alto, CA, United States
    Duration: Sep 18 2011Sep 21 2011

    Publication series

    NameProceedings - 5th IEEE International Conference on Semantic Computing, ICSC 2011

    Conference

    Conference5th Annual IEEE International Conference on Semantic Computing, ICSC 2011
    Country/TerritoryUnited States
    CityPalo Alto, CA
    Period9/18/119/21/11

    ASJC Scopus subject areas

    • Computational Theory and Mathematics
    • Computer Science Applications
    • Theoretical Computer Science

    Fingerprint

    Dive into the research topics of 'PhishZoo: Detecting phishing websites by looking at them'. Together they form a unique fingerprint.

    Cite this