An assessment of features related to phishing websites using an automated technique

Rami M. Mohammad, Fadi Thabtah, Lee McCluskey

Research output: Chapter in Book/Report/Conference proceedingConference contribution

54 Citations (Scopus)

Abstract

Corporations that offer online trading can achieve a competitive edge by serving worldwide clients. Nevertheless, online trading faces many obstacles such as the unsecured money orders. Phishing is considered a form of internet crime that is defined as the art of mimicking a website of an honest enterprise aiming to acquire confidential information such as usernames, passwords and social security number. There are some characteristics that distinguish phishing websites from legitimate ones such as long URL, IP address in URL, adding prefix and suffix to domain and request URL, etc. In this paper, we explore important features that are automatically extracted from websites using a new tool instead of relying on an experienced human in the extraction process and then judge on the features importance in deciding website legitimacy. Our research aims to develop a group of features that have been shown to be sound and effective in predicting phishing websites and to extract those features according to new scientific precise rules.

Original languageEnglish
Title of host publication2012 International Conference for Internet Technology and Secured Transactions (ICITST 2012)
Subtitle of host publicationICITST 2012
PublisherIEEE
Pages492-497
Number of pages6
ISBN (Electronic)9781908320087
ISBN (Print)9781467353250
Publication statusPublished - 11 Mar 2013
Event7th International Conference for Internet Technology and Secured Transactions - London, United Kingdom
Duration: 10 Dec 201212 Dec 2012
Conference number: 7

Conference

Conference7th International Conference for Internet Technology and Secured Transactions
Abbreviated titleICITST 2012
CountryUnited Kingdom
CityLondon
Period10/12/1212/12/12

Fingerprint

Websites
Crime
Industry
Acoustic waves
Internet

Cite this

Mohammad, R. M., Thabtah, F., & McCluskey, L. (2013). An assessment of features related to phishing websites using an automated technique. In 2012 International Conference for Internet Technology and Secured Transactions (ICITST 2012): ICITST 2012 (pp. 492-497). [6470857] IEEE.
Mohammad, Rami M. ; Thabtah, Fadi ; McCluskey, Lee. / An assessment of features related to phishing websites using an automated technique. 2012 International Conference for Internet Technology and Secured Transactions (ICITST 2012): ICITST 2012. IEEE, 2013. pp. 492-497
@inproceedings{0bf36f5582264bed911ca968040f3dfa,
title = "An assessment of features related to phishing websites using an automated technique",
abstract = "Corporations that offer online trading can achieve a competitive edge by serving worldwide clients. Nevertheless, online trading faces many obstacles such as the unsecured money orders. Phishing is considered a form of internet crime that is defined as the art of mimicking a website of an honest enterprise aiming to acquire confidential information such as usernames, passwords and social security number. There are some characteristics that distinguish phishing websites from legitimate ones such as long URL, IP address in URL, adding prefix and suffix to domain and request URL, etc. In this paper, we explore important features that are automatically extracted from websites using a new tool instead of relying on an experienced human in the extraction process and then judge on the features importance in deciding website legitimacy. Our research aims to develop a group of features that have been shown to be sound and effective in predicting phishing websites and to extract those features according to new scientific precise rules.",
keywords = "features extraction, Phishing, Rule, Security, Website features",
author = "Mohammad, {Rami M.} and Fadi Thabtah and Lee McCluskey",
year = "2013",
month = "3",
day = "11",
language = "English",
isbn = "9781467353250",
pages = "492--497",
booktitle = "2012 International Conference for Internet Technology and Secured Transactions (ICITST 2012)",
publisher = "IEEE",

}

Mohammad, RM, Thabtah, F & McCluskey, L 2013, An assessment of features related to phishing websites using an automated technique. in 2012 International Conference for Internet Technology and Secured Transactions (ICITST 2012): ICITST 2012., 6470857, IEEE, pp. 492-497, 7th International Conference for Internet Technology and Secured Transactions, London, United Kingdom, 10/12/12.

An assessment of features related to phishing websites using an automated technique. / Mohammad, Rami M.; Thabtah, Fadi; McCluskey, Lee.

2012 International Conference for Internet Technology and Secured Transactions (ICITST 2012): ICITST 2012. IEEE, 2013. p. 492-497 6470857.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - An assessment of features related to phishing websites using an automated technique

AU - Mohammad, Rami M.

AU - Thabtah, Fadi

AU - McCluskey, Lee

PY - 2013/3/11

Y1 - 2013/3/11

N2 - Corporations that offer online trading can achieve a competitive edge by serving worldwide clients. Nevertheless, online trading faces many obstacles such as the unsecured money orders. Phishing is considered a form of internet crime that is defined as the art of mimicking a website of an honest enterprise aiming to acquire confidential information such as usernames, passwords and social security number. There are some characteristics that distinguish phishing websites from legitimate ones such as long URL, IP address in URL, adding prefix and suffix to domain and request URL, etc. In this paper, we explore important features that are automatically extracted from websites using a new tool instead of relying on an experienced human in the extraction process and then judge on the features importance in deciding website legitimacy. Our research aims to develop a group of features that have been shown to be sound and effective in predicting phishing websites and to extract those features according to new scientific precise rules.

AB - Corporations that offer online trading can achieve a competitive edge by serving worldwide clients. Nevertheless, online trading faces many obstacles such as the unsecured money orders. Phishing is considered a form of internet crime that is defined as the art of mimicking a website of an honest enterprise aiming to acquire confidential information such as usernames, passwords and social security number. There are some characteristics that distinguish phishing websites from legitimate ones such as long URL, IP address in URL, adding prefix and suffix to domain and request URL, etc. In this paper, we explore important features that are automatically extracted from websites using a new tool instead of relying on an experienced human in the extraction process and then judge on the features importance in deciding website legitimacy. Our research aims to develop a group of features that have been shown to be sound and effective in predicting phishing websites and to extract those features according to new scientific precise rules.

KW - features extraction

KW - Phishing

KW - Rule

KW - Security

KW - Website features

UR - http://www.scopus.com/inward/record.url?scp=84876192223&partnerID=8YFLogxK

M3 - Conference contribution

SN - 9781467353250

SP - 492

EP - 497

BT - 2012 International Conference for Internet Technology and Secured Transactions (ICITST 2012)

PB - IEEE

ER -

Mohammad RM, Thabtah F, McCluskey L. An assessment of features related to phishing websites using an automated technique. In 2012 International Conference for Internet Technology and Secured Transactions (ICITST 2012): ICITST 2012. IEEE. 2013. p. 492-497. 6470857