Xphide: Um Sistema Especialista para a Detecção de Phishing
Abstract
Phishing is a type of cybercrime that targets the theft of a user's personal data through disguise and deception. This article proposes Xphide, a specialist system for detecting malicious pages. The basis of the system's construction was made through an in-depth analysis regarding relevant attributes for the description of web pages. This analysis served as input for the elaboration of Xphide's decision-making rules. The proposed system was evaluated in three different databases. The results showed that it surpassed traditional classification algorithms in terms of precision and recall, proving to be a promising alternative for the classification of web pages.References
Abdelhamid, N., Ayesh, A., and Thabtah, F. (2014). Phishing detection based associative classification data mining. Expert Systems with Applications, 41(13):5948–5959.
Banu, M. N. and Banu, S. M. (2013). A comprehensive study of phishing attacks. International Journal of Computer Science and Information Technologies, 4(6):783–786.
Barros, M., Silva, C., and Miranda, P. (2019). Adoção da seleção de características como mecanismo antiphishing: aplicabilidade e impactos. In Anais do XVI Encontro Nacional de Inteligência Artificial e Computacional, pages 214–225. SBC.
Fette, I., Sadeh, N., and Tomasic, A. (2007). Learning to detect phishing emails. In Proceedings of the 16th international conference on World Wide Web, pages 649–656. ACM.
Jagatic, T. N., Johnson, N. A., Jakobsson, M., and Menczer, F. (2007). Social phishing. Communications of the ACM, 50(10):94–100.
McGrath, D. K. and Gupta, M. (2008). Behind phishing: An examination of phisher modi operandi. LEET, 8:4.
Moghimi, M. and Varjani, A. Y. (2016). New rule-based phishing detection method. Expert systems with applications, 53:231–242.
Mohammad, R. M., Thabtah, F., and McCluskey, L. (2015). Tutorial and critical analysis of phishing websites methods. Computer Science Review, 17:1–24.
Silva, C. M. R., Feitosa, E. L., and Garcia, V. C. (2019). Heuristic-based strategy for phishing prediction: A survey of urlbased approach. Computers & Security.
Tsymbal, A. (2004). The problem of concept drift: definitions and related work. Computer Science Department, Trinity College Dublin, 106(2):58.
Banu, M. N. and Banu, S. M. (2013). A comprehensive study of phishing attacks. International Journal of Computer Science and Information Technologies, 4(6):783–786.
Barros, M., Silva, C., and Miranda, P. (2019). Adoção da seleção de características como mecanismo antiphishing: aplicabilidade e impactos. In Anais do XVI Encontro Nacional de Inteligência Artificial e Computacional, pages 214–225. SBC.
Fette, I., Sadeh, N., and Tomasic, A. (2007). Learning to detect phishing emails. In Proceedings of the 16th international conference on World Wide Web, pages 649–656. ACM.
Jagatic, T. N., Johnson, N. A., Jakobsson, M., and Menczer, F. (2007). Social phishing. Communications of the ACM, 50(10):94–100.
McGrath, D. K. and Gupta, M. (2008). Behind phishing: An examination of phisher modi operandi. LEET, 8:4.
Moghimi, M. and Varjani, A. Y. (2016). New rule-based phishing detection method. Expert systems with applications, 53:231–242.
Mohammad, R. M., Thabtah, F., and McCluskey, L. (2015). Tutorial and critical analysis of phishing websites methods. Computer Science Review, 17:1–24.
Silva, C. M. R., Feitosa, E. L., and Garcia, V. C. (2019). Heuristic-based strategy for phishing prediction: A survey of urlbased approach. Computers & Security.
Tsymbal, A. (2004). The problem of concept drift: definitions and related work. Computer Science Department, Trinity College Dublin, 106(2):58.
Published
2020-10-13
How to Cite
BARROS, Mateus L. S. D. de; SILVA, Carlo M. R. da; MIRANDA, Péricles B. C. de.
Xphide: Um Sistema Especialista para a Detecção de Phishing. In: BRAZILIAN SYMPOSIUM ON CYBERSECURITY (SBSEG), 20. , 2020, Petrópolis.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2020
.
p. 161-174.
DOI: https://doi.org/10.5753/sbseg.2020.19235.
