Upload
mussavir-shaikh
View
612
Download
9
Tags:
Embed Size (px)
Citation preview
Presented By:
Shaikh Mussavir Ahemad
SGGS IE &T, Nanded
Intelligent Phishing detection & protection scheme for online
Transaction
Outline
Introduction Methodology Feature extraction & analysis Experimental procedures Conclusions & future work References Questions
Introduction
What is phishing ? Phishing basics Phishing information flow Visually similar Webpages Growth rate of phishing sites Approaches of anti phishing Objectives of Study
What is Phishing?
Definition Phishing is an act to fraudulently acquire user’s sensitive
information such as password, credit/debit card number through illegal website that look exactly like target website
Phishing basics
Visually similar website Email containing time constraint Fake https certificate Attractive offers one phishing webpage Attractive games containing link to the phishing webpage
Figure:Phishing information flow
Visually similar websites
Growth rate of phishing sites
According to UK cards association press release report:
Phishing attacks caused $21.6 million loss between January & June 2012
A growth of 28% from June 2011
Number of websites detected by APWG 63,253 /month
Growth rate of phishing sites
Number of URLs 1,75,229 Significant growth caused by huge number of phishing
websites created by criminals for financial benefits Phishing techniques are improved regularly & getting more
sophisticated
Approaches of Antiphishing
Antiphishing approaches are developed to combat the problem of phishing
The existing approaches areFeature based Content based URL blacklist based
Objectives of approach
Identify & extract phishing features based on five inputs
Develop a neuro fuzzy model Train & validate the fuzzy inference model on real time Maximizing the accuracy of performance and minimizing
false positive & operation time
Methodology
Proposed approach utilize Neuro Fuzzy with five inputs
Neuro fuzzy Five inputs
Neuro Fuzzy
Combination of fuzzy logic & neural networkNeuro fuzzy = Fuzzy logic + Neural network
Allows use of numeric & linguistic properties Allows Universal approximation with ability to use fuzzy
IF......Then rules Fuzzy logic deal with reasoning on higher level using
numerical and linguistic information from domain expert
Neural network perform well when dealing with raw data
Five Inputs
Five inputs are five tables where features are extracted and stored for references
Wholly representative of phishing attack technique and strategies
288 features are extracted from these inputsi. Legitimate site rulesii. User behavioral profileiii. Phish tankiv. User specific sitesv. Pop up from email
Five Inputs
Legitimate site rulesSummary of law covering phishing crime
User behavioral profileList of people behavior when interacting with
phishing websites Phish tank
Free community website where suspected websites are verified and voted as a phish by community experts
Five Inputs
User specific sitesContains binding information between user and online transaction service provider
Pop-Ups from EmailPop-Ups from email are general phrases used by phishers
Feature Extraction AndAnalysis
Extraction is based on the five inputs An automated wizard is used to extract features and store
in excel sheet as phishing techniques evolve with time Legitimate site rules consist of 66 extracted features Based on user behavior profile 60 features are extracted Likewise phish tank carries 72 features that are extracted by
exploring 200 phishing websites from phish tank archive
Feature Extraction AndAnalysis
Also user specific sites have 48 features extracted by consulting with bank experts & 20 legal websites
Equally pop-ups from email consist of 42 features gathered by observing pop-ups on screen
These total 288 feature also known as data This data is used to differentiate between
phishing ,legitimate and suspicious websites accurately Most frequent terms are searched by using ‘FIND’ function
Feature Extraction AndAnalysis
Consequently the terms that appear often are assigned a value from 0 to 1 that isphishing website= 1Legitimate website= 0
Suspicious website = Any number between 0 to 1 This strategy facilitate accuracy & reduces
complexity in fuzzy rules
Figure: Intelligent phishing detection system overall process diagram
Experimental Procedure
Training and testing methods 2 fold cross validation method is used to train and test the
accuracy and robustness of the proposed model Divides data into two partsi. Training is done on part Iii. Testing is done on part II Then the role of training and testing is reversed Finally the results are assembled
Conclusion And Future Work
Study presented is based on neural fuzzy scheme to detect phishing websites & protect customers performing online transactions on those sites
Using 2 fold cross validation the proposed scheme with five input offer a high accuracy in detecting phishing sites in real time
Scheme offers better performance in comparison to previously reported research
Primary contribution of this research is the framework of five input which are the most important elements of this research
Continue….
Future work is adding more feature & parameters optimization for a 100% accuracy to develop a plug in toolbar for real time application
References
1. Intelligent phishing detection and protection scheme for online transactions Original Research ArticleExpert Systems with Applications, Volume 40, Issue 11, 1 September 2013, Pages 4697-4706P.A. Barraclough, M.A. Hossain, M.A. Tahir, G. Sexton, N. Aslam
2. Intelligent phishing detection system for e-banking using fuzzy data mining Original Research ArticleExpert Systems with Applications, Volume 37, Issue 12, December 2010, Pages 7913-7921Maher Aburrous, M.A. Hossain, Keshav Dahal, Fadi Thabtah
Any Questions??Any Questions??
Thank Thank You...You...