2017 IEEE International Conference on Information Reuse and Integration (IRI) (2017)
San Diego, California, USA
Aug. 4, 2017 to Aug. 6, 2017
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/IRI.2017.40
Denizens of the Internet are coming under a barrage of phishing attacks of increasing frequency and sophistication. Emails accompanied by authentic looking websites are ensnaring users who, unwittingly, hand over their credentials compromising both their privacy and security. Methods such as the blacklisting of these phishing websites become untenable and cannot keep pace with the explosion of fake sites. Detection of nefarious websites must become automated and be able to adapt to this ever evolving form of social engineering. We develop a framework, called "Fresh-Phish", for creating current machine learning data for phishing websites. Using 30 different website features that we query using python, we build a large labeled dataset and analyze several machine learning classifiers against this dataset to determine which is the most accurate. We analyze not just the accuracy of the technique, but also how long it takes to train the model.
computer crime, Internet, learning (artificial intelligence), pattern classification, unsolicited e-mail, Web sites
H. Shirazi, K. Haefner and I. Ray, "Fresh-Phish: A Framework for Auto-Detection of Phishing Websites," 2017 IEEE International Conference on Information Reuse and Integration (IRI), San Diego, California, USA, 2017, pp. 137-143.