Phishing website detection using intelligent data mining techniques. Design and development of an intelligent association classification mining fuzzy based scheme for phishing website detection with an emphasis on E-banking.

摘要

Phishing techniques have not only grown in number, but also in sophistication. Phishers mightudhave a lot of approaches and tactics to conduct a well-designed phishing attack. The targets ofudthe phishing attacks, which are mainly on-line banking consumers and payment serviceudproviders, are facing substantial financial loss and lack of trust in Internet-based services. Inudorder to overcome these, there is an urgent need to find solutions to combat phishing attacks.udDetecting phishing website is a complex task which requires significant expert knowledge andudexperience. So far, various solutions have been proposed and developed to address theseudproblems. Most of these approaches are not able to make a decision dynamically on whether theudsite is in fact phished, giving rise to a large number of false positives. This is mainly due toudlimitation of the previously proposed approaches, for example depending only on fixed blackudand white listing database, missing of human intelligence and experts, poor scalability and theirudtimeliness.udIn this research we investigated and developed the application of an intelligent fuzzy-basedudclassification system for e-banking phishing website detection. The main aim of the proposedudsystem is to provide protection to users from phishers deception tricks, giving them the abilityudto detect the legitimacy of the websites. The proposed intelligent phishing detection systemudemployed Fuzzy Logic (FL) model with association classification mining algorithms. Theudapproach combined the capabilities of fuzzy reasoning in measuring imprecise and dynamicudphishing features, with the capability to classify the phishing fuzzy rules. Different phishing experiments which cover all phishing attacks, motivations and deceptionudbehaviour techniques have been conducted to cover all phishing concerns. A layered fuzzyudstructure has been constructed for all gathered and extracted phishing website features andudpatterns. These have been divided into 6 criteria and distributed to 3 layers, based on their attackudtype. To reduce human knowledge intervention, Different classification and associationudalgorithms have been implemented to generate fuzzy phishing rules automatically, to beudintegrated inside the fuzzy inference engine for the final phishing detection.udExperimental results demonstrated that the ability of the learning approach to identify alludrelevant fuzzy rules from the training data set. A comparative study and analysis showed thatudthe proposed learning approach has a higher degree of predictive and detective capability thanudexisting models. Experiments also showed significance of some important phishing criteria likeudURL & Domain Identity, Security & Encryption to the final phishing detection rate.udFinally, our proposed intelligent phishing website detection system was developed, tested andudvalidated by incorporating the scheme as a web based plug-ins phishing toolbar. The resultsudobtained are promising and showed that our intelligent fuzzy based classification detectionudsystem can provide an effective help for real-time phishing website detection. The toolbarudsuccessfully recognized and detected approximately 92% of the phishing websites selected fromudour test data set, avoiding many miss-classified websites and false phishing alarms.