Phishing Website Detection Using Website Logo

Phishing is an online security threat that combines social engineering and website deceiving technique to steal internet users’ confidential credential. In order to protect internet users from phishing attacks, a hybrid phishing detection method has been proposed. The proposed method utilises logo i...

Full description

Saved in:
Bibliographic Details
Main Author: Chang, Ee Hung
Format: Thesis
Language:English
Published: Universiti Malaysia Sarawak (UNIMAS) 2019
Subjects:
Online Access:http://ir.unimas.my/id/eprint/25607/1/Chang%20Ee%20ft.pdf
http://ir.unimas.my/id/eprint/25607/
Tags: Add Tag
No Tags, Be the first to tag this record!
id my.unimas.ir.25607
record_format eprints
spelling my.unimas.ir.256072024-02-20T05:02:04Z http://ir.unimas.my/id/eprint/25607/ Phishing Website Detection Using Website Logo Chang, Ee Hung QA75 Electronic computers. Computer science Phishing is an online security threat that combines social engineering and website deceiving technique to steal internet users’ confidential credential. In order to protect internet users from phishing attacks, a hybrid phishing detection method has been proposed. The proposed method utilises logo image and search-engine to determine the identity consistency of a query website, where consistent identity indicates legitimate website and inconsistent identity indicates phishing website. The proposed method consists of two processes, namely logo extraction and identity verification. The first process will detect and extract the logo image from all the downloaded image resources of a webpage. Machine learning was integrated into the first process in order to ensure correct detection of the logo image. Based on the extracted logo image, the second process will employ the Google Image Search engine to retrieve the portrayed identity. Since the relationship of the logo and domain name is exclusive, the domain name is referred as the identity. A comparison will be performed between the domain names that are returned by Google with the one from the query website to verify the identity. Experiments were conducted over 1,000 samples with the true positive rate of 99.80% while the true negative rate is 87.00%. The promising results showed the reliability and capability of proposed method in detecting phishing websites. Benchmarking results also demonstrated the proposed method is superior than the existing similar method. In summary, the proposed method proved the effectiveness and feasibility of using a graphical element such as the logo in identity determination and phishing detection. Keywords: Phishing detection, website logo, website identity, Google image search, identity consistency, logo extraction Universiti Malaysia Sarawak (UNIMAS) 2019 Thesis NonPeerReviewed text en http://ir.unimas.my/id/eprint/25607/1/Chang%20Ee%20ft.pdf Chang, Ee Hung (2019) Phishing Website Detection Using Website Logo. Masters thesis, University Malaysia Sarawak.
institution Universiti Malaysia Sarawak
building Centre for Academic Information Services (CAIS)
collection Institutional Repository
continent Asia
country Malaysia
content_provider Universiti Malaysia Sarawak
content_source UNIMAS Institutional Repository
url_provider http://ir.unimas.my/
language English
topic QA75 Electronic computers. Computer science
spellingShingle QA75 Electronic computers. Computer science
Chang, Ee Hung
Phishing Website Detection Using Website Logo
description Phishing is an online security threat that combines social engineering and website deceiving technique to steal internet users’ confidential credential. In order to protect internet users from phishing attacks, a hybrid phishing detection method has been proposed. The proposed method utilises logo image and search-engine to determine the identity consistency of a query website, where consistent identity indicates legitimate website and inconsistent identity indicates phishing website. The proposed method consists of two processes, namely logo extraction and identity verification. The first process will detect and extract the logo image from all the downloaded image resources of a webpage. Machine learning was integrated into the first process in order to ensure correct detection of the logo image. Based on the extracted logo image, the second process will employ the Google Image Search engine to retrieve the portrayed identity. Since the relationship of the logo and domain name is exclusive, the domain name is referred as the identity. A comparison will be performed between the domain names that are returned by Google with the one from the query website to verify the identity. Experiments were conducted over 1,000 samples with the true positive rate of 99.80% while the true negative rate is 87.00%. The promising results showed the reliability and capability of proposed method in detecting phishing websites. Benchmarking results also demonstrated the proposed method is superior than the existing similar method. In summary, the proposed method proved the effectiveness and feasibility of using a graphical element such as the logo in identity determination and phishing detection. Keywords: Phishing detection, website logo, website identity, Google image search, identity consistency, logo extraction
format Thesis
author Chang, Ee Hung
author_facet Chang, Ee Hung
author_sort Chang, Ee Hung
title Phishing Website Detection Using Website Logo
title_short Phishing Website Detection Using Website Logo
title_full Phishing Website Detection Using Website Logo
title_fullStr Phishing Website Detection Using Website Logo
title_full_unstemmed Phishing Website Detection Using Website Logo
title_sort phishing website detection using website logo
publisher Universiti Malaysia Sarawak (UNIMAS)
publishDate 2019
url http://ir.unimas.my/id/eprint/25607/1/Chang%20Ee%20ft.pdf
http://ir.unimas.my/id/eprint/25607/
_version_ 1792160635806547968
score 13.211869