آشکارسازی هوشمند فیشینگ و طرح محافظتی برای تراکنش‌های آنلاین

Phishing is an instance of social engineering techniques used to deceive users into giving their sensitive information using an illegitimate website that looks and feels exactly like the target organization website. Most phishing detection approaches utilizes Uniform Resource Locator (URL) blacklists or phishing website features combined with machine learning techniques to combat phishing. Despite the existing approaches that utilize URL blacklists, they cannot generalize well with new phishing attacks due to human weakness in verifying blacklists, while the existing feature-based methods suffer high false positive rates and insufficient phishing features. As a result, this leads to an inadequacy in the online transactions. To solve this problem robustly, the proposed study introduces new inputs (Legitimate site rules, User-behavior profile, PhishTank, User-specific sites, Pop-Ups from emails) which were not considered previously in a single protection platform. The idea is to utilize a Neuro-Fuzzy Scheme with 5 inputs to detect phishing sites with high accuracy in real-time. In this study, 2-Fold cross-validation is applied for training and testing the proposed model. A total of 288 features with 5 inputs were used and has so far achieved the best performance as compared to all previously reported results in the field

Phishing is a major problem nowadays causing losses of finance, particularly in online transactions (Financial Fraud Action UK & Credit clearing Company, 2012). Phishing definition varies from literature to literature. Jacobson and Meyers defined phishing as an act to fraudulently acquire user’s sensitive information (personal identity number, passcode, password, credit/debit card number) through illegitimate website that looks exactly like the target website (Jakobsson & Myers, 2007). According to the UKCards Association’s Press Release report, an increase in phishing attacks in online transaction has caused losses of £21.6 million between January and June 2012, which is a growth of 28% from June 2011 (Financial Fraud Action UK & Credit clearing Company, 2012). This significant increase is caused by a huge number of phishing websites created by criminals as a means of deceiving users into providing their credentials for financial benefit (Carter, 2012). Phishing techniques are improved regularly and are getting more sophisticated causing tremendous losses annually. Despite various anti-phishing approaches developed to combat the problem, these approaches suffer high false positive rates. As a result, there is still a lack of accuracy and real-time solutions causing inadequacy in online transaction (Xiang, Hong, Rose, & Cranor, 2011). Some of these approaches employs feature-based using machine learning algorithms (Aburrous et al., 2010 and Martin et al., 2011; Xiang et al., 2011; Liu and Giu, 2010 and Sanglerdsinlapachai, 2010; Xiang & Hong, 2009). Others are content-based approaches with lexical Uniform Resource Locator (URL) (Le, Markopoulou, & Faloutsos, 2011; Zhang et al., 2012). Some approaches uses heuristics (Zhang, Hong, & Crano, 2007; Afroz and Greenstadt, 2009 and Shahria, 2010), while other approaches employs visual similarity (Chen, Dick, & Miller, 2010) and others utilizes URL blacklists (Xiang et al., 2011; Sheng et al., 2009 and Spiezle, 2007). The existing blacklists, which are largely used in industries, cannot generalize well to new phishing attacks (Cranor, Eglman, Hong, & Zhang, 2006). Also Sheng et al. revealed that the accuracy for protection offered by blacklist is not greater than 40% and are slow in response to new phishing attacks as updates take longer (Sheng, 2009). It is a case in which 83% of launched phishing websites takes 12 h to appear in a blacklist. Moreover, no comprehensive features that are wholly representative of phishing strategies have been proposed. To address the problem robustly, it is important to build a state-of-the-art model using Neuro-Fuzzy scheme with five inputs. Neuro-Fuzzy is a Fuzzy Logic and a Neural Network. The point for using Neuro-Fuzzy is that, it has a universal approximations with ability to use Fuzzy IF…THEN rules. Neural Network performs well when dealing with raw data, while Fuzzy Logic deals with reasoning on a higher level, using linguistic information from domain experts (Negnevitsky, 2002). Five inputs are tables where features are stored which include: Legitimate site rules, User-behavior profile, PhishTank, User-specific sites and Pop-Ups from Emails. From these, 288 features are extracted to be used as training and testing data. The advantage of five inputs is that they are wholly representatives of phishing techniques and strategies. Further, training and testing experiments were performed using a 2-Fold cross-validation method based on Adaptive Neuro-Fuzzy Inference System (ANFIS) to measure the system accuracy and robustness. Cross-validation is a testing method and also signifies a group of methods, while in this case it is used to address over-fitting problems (Taher, 2010). Adaptive Neuro-Fuzzy Inference System is a hybrid intelligent system which has the ability for reasoning and learning. The experimental results shows that Neuro-Fuzzy with five inputs has the best performance compared to all previously reported approaches. The main contributions in this study are the five inputs as they are important elements. This study is significant because the system will restore user’s confidence in online transactions. In Section 1.1, the objectives are presented followed by the review of literature and related work. Section 3 describes the proposed Neuro-fuzzy approach with five inputs. Learning rules and Adaptive Neuro-Fuzzy Inference System are also described in this section. Section 4 covers feature extraction and analysis. The experimental procedure including training and testing is covered in Section 5 together with results and discussion. Contribution to knowledge is also described in Section 5. Section 6 concludes this paper and outline future work. The aim is to design and develop an intelligent phishing detection and protection model for online transactions based on Neuro-Fuzzy and five inputs.

This paper has been presented a new approach based on a Neuro-Fuzzy scheme to detect phishing websites and protect the customers performing online transaction. Hybrid Neuro-Fuzzy technique was used to developed the proposed detection and protection scheme that offered an effective technique as reported in Fang (2012) and Olivo et al. (2011). Using 2-fold cross-validation, the overall results demonstrates that the proposed Neuro-Fuzzy systems with five inputs offers a higher accuracy and can be effective in detecting phishing sites with a high accuracy in real-time. It is also worth mentioning that the proposed scheme offers better performance in comparison to previously reported research. The primary contribution of this research is the framework of five inputs, which are the most important elements in this paper with comprehensive features, utilizing Neuro-Fuzzy techniques that demonstrate a significant improvement as compared to the existing scheme. Future development includes adding more features and parameter optimization for a hundred percent accuracy to develop a plug-in toolbar for real-time application.