查看文章

Phishing is an essential component of various cyber-attacks as it is often used as the key step in advanced persistent threats. Despite the availability of public phishing detection toolbars and studies in phishing detection systems, the number of attacks has been increasing in the past years due to the continuous change of attack models for bypassing detection. Thus, it remains a challenge to develop a robust phishing detection system despite the dynamic nature of phishing attacks. We attempt to address this by designing an adaptive phishing detection system with the ability to continually learn and detect phishing more robustly.

In the first work, we develop a novel phishing detection approach using a compression algorithm to perform website classification and demonstrate a systematic way to construct the word dictionaries for the compression models using word occurrence likelihood analysis. We also propose the use of compression ratio as a novel machine learning feature, which significantly improves machine learning based phishing detection over previous studies. Our proposed method outperforms the use of best-performing HTML-based features in past studies, with a true positive rate of 80.04%.