A Solution to Detect Phishing in Android Devices

摘要

Android OS is currently one of the most popular operating system in smartphones. Majority of the population today uses android phone. Use of smartphone is not bounded to calling, messaging apps or Video Chats but the users use it for financial transactions as well. There is an exponential growth in use of mobile services. Phishing is one of the major security threats in mobile devices for various reasons. Mobile phishing is dangerous because of hardware limitations of the device and the user attitude while using services on the device. Phishing is widely investigated in desktop environment but there is very little research on techniques to detect phishing on Android Device. The proposed system is a mechanism for detection of phishing on Android mobile devices. It is a hybrid solution to defend against zero-day phishing attacks. It includes 5 modules; URL Extraction, Static Analysis of URL, Web Page Foot printing, URL Based Heuristics and the SVM classifier. The system was evaluated using a dataset with 200 phishing websites URLs and 200 legitimate website URLs. The results show that 92% accuracy was achieved by the system.