Corpus ID: 202121423

WhiteNet: Phishing Website Detection by Visual Whitelists

  title={WhiteNet: Phishing Website Detection by Visual Whitelists},
  author={Sahar Abdelnabi and Katharina Krombholz and Mario Fritz},
Phishing websites are still a major threat in today’s Internet ecosystem. Despite numerous previous efforts, black and white listing methods do not offer sufficient protection – in particular against zero-day phishing attacks. This paper contributes WhiteNet, a new similarity-based phishing detection framework, based on a triplet network with three shared Convolutional Neural Networks (CNNs). WhiteNet learns profiles for websites in order to detect zero-day phishing websites by a “visual… Expand
Triplet Mining-based Phishing Webpage Detection
This work proposes a novel CNN architecture consisting of two paths to capture the content similarity and structural similarity between web pages, and uses triplet learning to train the model without any labelled phishing examples. Expand
A novel approach for phishing URLs detection using lexical based machine learning in a real-time environment
This work has developed a phishing detection approach that only needs nine lexical features for effectively detecting phishing attacks and has obtained the highest accuracy of 99.57% with the Random forest algorithm. Expand
A Review of Computer Vision Methods in Network Security
A comprehensive survey of computer vision methods applied in network security for detecting attacks or building security solutions is provided under three topics; i) phishing attempt detection, ii) malware detection, and iii) traffic anomaly detection. Expand
Towards Adversarial Phishing Detection
This work explores the adversarial robustness of highly influential and recent detection solutions, by assessing their common detection strategies, and presents examples of techniques that enable evasion through imperceptible perturbations. Expand


A Computer Vision Technique to Detect Phishing Attacks
  • R. S. Rao, Syed Taqi Ali
  • Computer Science
  • 2015 Fifth International Conference on Communication Systems and Network Technologies
  • 2015
This paper uses computer vision technique called SURF detector to extract discriminative key point features from both suspicious and targeted websites and uses white list and visual similarity based techniques to computing similarity degree between the legitimate and suspicious pages. Expand
GoldPhish: Using Images for Content-Based Phishing Analysis
This work proposes a scheme that protects against zero-day phishing attacks with high accuracy, which captures an image of a page, uses optical character recognition to convert the image to text, then leverages the Google PageRank algorithm to help render a decision on the validity of the site. Expand
PhishZoo: Detecting Phishing Websites by Looking at Them
This paper proposes a phishing detection approach that uses profiles of trusted websites' appearances to detect phishing, and provides similar accuracy to blacklisting approaches (96%), with the advantage that it can classify zero-day phishing attacks and targeted attacks against smaller sites (such as corporate intranets). Expand
Phishing Detection: Analysis of Visual Similarity Based Approaches
A comprehensive analysis of phishing attacks, their exploitation, some of the recent visual similarity based approaches for phishing detection, and its comparative study is presented. Expand
Detecting Homoglyph Attacks with a Siamese Neural Network
This paper presents a fundamentally different solution to homoglyph attacks using a Siamese convolutional neural network (CNN), which shows a considerable 13% to 45% improvement over baseline techniques in terms of area under the receiver operating characteristic curve (ROC AUC). Expand
DeltaPhish: Detecting Phishing Webpages in Compromised Websites
This work empirically evaluates its system, named DeltaPhish, on more than 5,500 webpages collected in the wild from compromised websites, showing that it is capable of detecting more than 99% of phishing webpages, while only misclassifying less than 1% of legitimate pages. Expand
BaitAlarm: Detecting Phishing Sites Using Similarity in Fundamental Visual Features
A new solution, BaitAlarm, to detect phishing attack using features that are hard to evade and an algorithm to quantify the suspicious ratings of web pages based on similarity of visual appearance between the web pages. Expand
Large-Scale Automatic Classification of Phishing Pages
The design and performance characteristics of a scalable machine learning classifier developed to detect phishing websites are described and this classifier is used to maintain Google’s phishing blacklist automatically. Expand
Phish-IRIS: A New Approach for Vision Based Brand Prediction of Phishing Web Pages via Compact Visual Descriptors
A machine learning augmented pure vision based approach which extracts and classifies compact visual features from web page screenshots and presents a lightweight schema serving competitive accuracy and superior feature extraction and inferring speed that enables it to be used as a browser plugin. Expand
Lexical feature based phishing URL detection using online learning
This paper explores the possibility of utilizing confidence weighted classification combined with content based phishing URL detection to produce a dynamic and extensible system for detection of present and emerging types of phishing domains. Expand