PhishKiller: A Tool for Detecting and Mitigating Phishing Attacks Through Deep Learning Techniques

  • Cristian Souza LaTARC Research Lab
  • Marcilio Lemos LaTARC Research Lab / UFRN
  • Felipe Silva LaTARC Research Lab / UFRN
  • Robinson Alves IFRN

Abstract

The growth of the Internet has expanded the possibilities for fraudulent actions. Among these, phishing stands out: an activity designed to capture user credentials through a fake page that resembles the page of the original service. In light of this, this work proposes PhishKiller, a tool capable of detecting and mitigating phishing attacks, using a proxy to intercept the addresses accessed by the user and deep learning techniques not based on parameters to classify the URLs. The evaluations demonstrated the feasibility of PhishKiller, which achieved an accuracy of 98.3% in detecting malicious addresses and an average processing time of 81.68 ms per request.

Published
02/09/2019
SOUZA, Cristian; LEMOS, Marcilio; SILVA, Felipe; ALVES, Robinson. PhishKiller: Uma Ferramenta para Detecção e Mitigação de Ataques de Phishing Através de Técnicas de Deep Learning. In: WORKSHOP DE TRABALHOS DE INICIAÇÃO CIENTÍFICA E DE GRADUAÇÃO - SIMPÓSIO BRASILEIRO DE SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS (SBSEG), 19., 2019, São Paulo. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2019. p. 81-90. DOI: https://doi.org/10.5753/sbseg_estendido.2019.14009.