Detection and avoidance of phishingWebpages

Abstract

Phishing is a webbased criminal activity Phishing sites lure naive newlineonline users to reveal their sensitive information into fake websites by newlinecamouflaging themselves as trustworthy entities Due to the short lifespan of newlinephishing websites and the rapid advancement of phishing techniques the newlineexisting antiphishing solutions are either unable to deal with the emerging newlinechanges or incapable of playing an effective role against this attack newlineIn this thesis the characteristics of legitimate and phishing newlinewebpages were investigated in depth and based on this analysis proposed newlinemethods are intended to mitigate the impact of phishing attack The first newlinemethod proposes heuristics to extract fifteen features from suspicious newlinewebpages These heuristic results were fed as an input to a trained machine newlinelearning algorithm to detect phishing sites Before applying heuristics to the newlinewebpages two preliminary screening modules are used These modules help newlinethe system to reduce superfluous computation and the rate of false positives newlinewithout compromising on the false negatives By using all of these modules newlinethis method was able to classify webpages with over 99 of precision with newlineless than 1 of false positive rate newlineAs technology advances the phishing techniques being used are newlinealso getting advanced and hence there is demand for new upgraded and robust newlineantiphishing techniques along with the existing methods newline newline