DOI : https://doi.org/10.18517/ijaseit.13.5.19037

Phishing and Spoofing Websites: Detection and Countermeasures

Wee Liem Lai (1), Vik Tor Goh (2), Timothy Tzen Vun Yap (3), Hu Ng (4)
(1) Faculty of Engineering, Multimedia University, 63100 Cyberjaya, Malaysia
(2) Faculty of Engineering, Multimedia University, 63100 Cyberjaya, Malaysia
(3) School of Mathematical & Computer Sciences, Heriot-Watt University, 62200 Putrajaya, Malaysia
(4) Faculty of Computing and Informatics, Multimedia University, 63100 Cyberjaya, Malaysia
Fulltext View | Download
How to cite (IJASEIT) :
[1]
W. L. Lai, V. T. Goh, T. T. V. Yap, and H. Ng, “Phishing and Spoofing Websites: Detection and Countermeasures”, Int. J. Adv. Sci. Eng. Inf. Technol., vol. 13, no. 5, pp. 1672–1678, Oct. 2023.
Citation Format :
Website phishing and spoofing occur when unsuspecting users are tricked into interacting with a fraudulent website designed to impersonate a legitimate one. This is done with the intention of stealing login credentials or other personal information. The goal of this project is to develop a multi-layered URL-based malicious website detection system to counter such attacks. The proposed system employs several defence mechanisms, including whitelist filtering, API requests to domain blacklist providers, and string comparison algorithms, to accurately identify and classify websites as either legitimate or malicious. In brief, the first layer provides an initial check by matching the domain of the intended website with a predefined whitelist, while the second layer queries APIVoid (a domain blacklist provider) to conduct additional checks for domain age and reputation. Finally, to prevent typographical errors that could unintentionally redirect users to a malicious website, the last layer compares the domain of the intended website with entries in the whitelist to identify any significant similarities using the Levenshtein distance algorithm. To evaluate the system's performance, a comprehensive testing phase was conducted on a dataset containing 30 randomly selected websites, encompassing various scenarios of malicious and legitimate websites. The results show a high true positive rate of 0.94 and an overall accuracy of 0.93, indicating the system's ability to accurately classify legitimate and malicious websites. The proposed system shows promising results in accurately classifying websites and enhancing user awareness to prevent phishing and spoofing attacks.

R. Alabdan, “Phishing Attacks Survey: Types, Vectors, and Technical Approaches,” Future Internet 2020, Vol. 12, Page 168, vol. 12, no. 10, p. 168, Sep. 2020, doi: 10.3390/FI12100168.

A. K. Jain and B. B. Gupta, “A survey of phishing attack techniques, defence mechanisms and open research challenges,” Enterp Inf Syst, vol. 16, no. 4, pp. 527-565, 2021, doi: 10.1080/17517575.2021.1896786.

M. P. Bach, T. Kamenjarska, and B. Žmuk, “Targets of phishing attacks: The bigger fish to fry,” Procedia Comput Sci, vol. 204, pp. 448-455, Jan. 2022, doi: 10.1016/J.PROCS.2022.08.055.

R. S. Rao, T. Vaishnavi, and A. R. Pais, “Phishdump: a multi-model ensemble based technique for the detection of phishing sites in mobile devices,” Pervasive Mob Comput, vol. 60, p. 101084, Nov. 2019, doi: 10.1016/j.pmcj.2019.101084.

R. S. Rao, T. Vaishnavi, and A. R. Pais, “Catchphish: detection of phishing websites by inspecting urls,” J Ambient Intell Humaniz Comput, vol. 11, no. 2, pp. 813-825, Feb. 2020, doi: 10.1007/s12652-019-01311-4.

R. Di Pietro, G. Me, and M. A. Strangio, “A two-factor mobile authentication scheme for secure financial transactions,” 4th Annual International Conference on Mobile Business, ICMB 2005, pp. 28-34, 2005, doi: 10.1109/ICMB.2005.12.

J. Lee, L. Bauer, and M. L. Mazurek, “The effectiveness of security images in internet banking,” IEEE Internet Comput, vol. 19, no. 1, pp. 54-62, 2015, doi: 10.1109/MIC.2014.108.

A. Safi and S. Singh, “A systematic literature review on phishing website detection techniques,” Journal of King Saud University - Computer and Information Sciences, vol. 35, no. 2, pp. 590-611, Feb. 2023, doi: 10.1016/J.JKSUCI.2023.01.004.

T. Nathezhtha, D. Sangeetha, and V. Vaidehi, “WC-PAD: Web crawling based phishing attack detection,” Proceedings - International Carnahan Conference on Security Technology, vol. 2019-October, Oct. 2019, doi: 10.1109/CCST.2019.8888416.

R. S. Rao and A. R. Pais, “Two level filtering mechanism to detect phishing sites using lightweight visual similarity approach,” J Ambient Intell Humaniz Comput, vol. 11, no. 9, pp. 3853-3872, Sep. 2020, doi: 10.1007/S12652-019-01637-Z/METRICS.

N. A. Azeez, S. Misra, I. A. Margaret, L. Fernandez-Sanz, and S. M. Abdulhamid, “Adopting automated whitelist approach for detecting phishing attacks,” Comput Secur, vol. 108, p. 102328, Sep. 2021, doi: 10.1016/J.COSE.2021.102328.

S. Maroofi, M. Korczynski, C. Hesselman, B. Ampeau, and A. Duda, “COMAR: Classification of Compromised versus Maliciously Registered Domains,” Proceedings - 5th IEEE European Symposium on Security and Privacy, Euro S and P 2020, pp. 607-623, Sep. 2020, doi: 10.1109/EUROSP48549.2020.00045.

P. A. Barraclough, G. Fehringer, and J. Woodward, “Intelligent cyber-phishing detection for online,” Comput Secur, vol. 104, p. 102123, May 2021, doi: 10.1016/J.COSE.2020.102123.

Y. Wang, Y. Liu, T. Wu, and I. Duncan, “A Cost-Effective OCR Implementation to Prevent Phishing on Mobile Platforms,” International Conference on Cyber Security and Protection of Digital Services, Cyber Security 2020, Jun. 2020, doi: 10.1109/CYBERSECURITY49315.2020.9138873.

A. S. Bozkir and M. Aydos, “LogoSENSE: A companion HOG based logo detection scheme for phishing web page and E-mail brand recognition,” Comput Secur, vol. 95, p. 101855, Aug. 2020, doi: 10.1016/J.COSE.2020.101855.

R. S. Rao and A. R. Pais, “Jail-Phish: An improved search engine based phishing detection system,” Comput Secur, vol. 83, pp. 246-267, Jun. 2019, doi: 10.1016/J.COSE.2019.02.011.

Y. Li, Z. Yang, X. Chen, H. Yuan, and W. Liu, “A stacking model using URL and HTML features for phishing webpage detection,” Future Generation Computer Systems, vol. 94, pp. 27-39, May 2019, doi: 10.1016/J.FUTURE.2018.11.004.

A. K. Jain and B. B. Gupta, “Two-level authentication approach to protect from phishing attacks in real time,” J Ambient Intell Humaniz Comput, vol. 9, no. 6, pp. 1783-1796, Nov. 2018, doi: 10.1007/s12652-017-0616-z.

Y. A. Alsariera, V. E. Adeyemo, A. O. Balogun, and A. K. Alazzawi, “AI Meta-Learners and Extra-Trees Algorithm for the Detection of Phishing Websites,” IEEE Access, vol. 8, pp. 142532-142542, 2020, doi: 10.1109/ACCESS.2020.3013699.

B. B. Gupta, K. Yadav, I. Razzak, K. Psannis, A. Castiglione, and X. Chang, “A novel approach for phishing URLs detection using lexical based machine learning in a real-time environment,” Comput Commun, vol. 175, pp. 47-57, Jul. 2021, doi: 10.1016/J.COMCOM.2021.04.023.

Y. Ding, N. Luktarhan, K. Li, and W. Slamu, “A keyword-based combination approach for detecting phishing webpages,” Comput Secur, vol. 84, pp. 256-275, Jul. 2019, doi: 10.1016/J.COSE.2019.03.018.

M. Babagoli, M. P. Aghababa, and V. Solouk, “Heuristic nonlinear regression strategy for detecting phishing websites,” Soft comput, vol. 23, no. 12, pp. 4315-4327, Jun. 2019, doi: 10.1007/S00500-018-3084-2/METRICS.

R. S. Rao and A. R. Pais, “Detection of phishing websites using an efficient feature-based machine learning framework,” Neural Comput Appl, vol. 31, no. 8, pp. 3851-3873, Aug. 2019, doi: 10.1007/S00521-017-3305-0/METRICS.

P. Athisaya Sakila Rani, Ns. Singh, and A. Professor, “Paddy Leaf Symptom-based Disease Classification Using Deep CNN with ResNet-50,” International Journal of Advanced Science Computing and Engineering, vol. 4, no. 2, pp. 88-94, Aug. 2022, doi: 10.30630/IJASCE.4.2.83.

F. Zulfikri, D. Tryanda, A. Syarif, and H. Patria, “Predicting Peer to Peer Lending Loan Risk Using Classification Approach,” International Journal of Advanced Science Computing and Engineering, vol. 3, no. 2, pp. 94-100, Oct. 2021, doi: 10.30630/IJASCE.3.2.57.

P. Chaudhari, “Skin Cancer Classification Application Using Machine Learning,” International Journal of Data Science, vol. 2, no. 1, pp. 47-55, Sep. 2021, doi: 10.18517/IJODS.2.1.47-55.2021.

M. Yamin and A. F. Giyats, “Support Vector Regression Approach for Wind Forecasting,” International Journal of Advanced Science Computing and Engineering, vol. 4, no. 2, pp. 95-101, Aug. 2022, doi: 10.30630/IJASCE.4.2.84.

V. Patil, P. Thakkar, C. Shah, T. Bhat, and S. P. Godse, “Detection and Prevention of Phishing Websites Using Machine Learning Approach,” Proceedings - 2018 4th International Conference on Computing, Communication Control and Automation, ICCUBEA 2018, Jul. 2018, doi: 10.1109/ICCUBEA.2018.8697412.

K. L. Chiew, C. L. Tan, K. S. Wong, K. S. C. Yong, and W. K. Tiong, “A new hybrid ensemble feature selection framework for machine learning-based phishing detection system,” Inf Sci (N Y), vol. 484, pp. 153-166, May 2019, doi: 10.1016/J.INS.2019.01.064.

A. Basit, M. Zafar, A. R. Javed, and Z. Jalil, “A Novel Ensemble Machine Learning Method to Detect Phishing Attack,” Proceedings - 2020 23rd IEEE International Multi-Topic Conference, INMIC 2020, Nov. 2020, doi: 10.1109/INMIC50486.2020.9318210.

O. K. Sahingoz, E. Buber, O. Demir, and B. Diri, “Machine learning based phishing detection from URLs,” Expert Syst Appl, vol. 117, pp. 345-357, Mar. 2019, doi: 10.1016/J.ESWA.2018.09.029.

M. N. Alam, D. Sarma, F. F. Lima, I. Saha, R. E. Ulfath, and S. Hossain, “Phishing attacks detection using machine learning approach,” Proceedings of the 3rd International Conference on Smart Systems and Inventive Technology, ICSSIT 2020, pp. 1173-1179, Aug. 2020, doi: 10.1109/ICSSIT48917.2020.9214225.

A. B. Altamimi et al., “PhishCatcher: Client-Side Defense Against Web Spoofing Attacks Using Machine Learning,” IEEE Access, 2023, doi: 10.1109/ACCESS.2023.3287226.

M. H. Alkawaz, S. J. Steven, A. I. Hajamydeen, and R. Ramli, “A comprehensive survey on identification and analysis of phishing website based on machine learning methods,” ISCAIE 2021 - IEEE 11th Symposium on Computer Applications and Industrial Electronics, pp. 82-87, Apr. 2021, doi: 10.1109/ISCAIE51753.2021.9431794.

APIVoid, Threat Analysis APIs for Threat Detection & Prevention, https://www.apivoid.com/ (accessed Aug. 25, 2023).

M. Sytnik and E. Bubnov, “An analysis of the life cycle of phishing and scam pages | Securelist.” https://securelist.com/phishing-page-life-cycle/105171/ (accessed Aug. 25, 2023).

L. Yujian and L. Bo, “A normalized Levenshtein distance metric,” IEEE Trans Pattern Anal Mach Intell, vol. 29, no. 6, pp. 1091-1095, Jun. 2007, doi: 10.1109/TPAMI.2007.1078.

S. Grashchenko, “Levenshtein Distance Computation | Baeldung on Computer Science.” https://www.baeldung.com/cs/levenshtein-distance-computation (accessed Aug. 28, 2023).

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

Authors who publish with this journal agree to the following terms:

    1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
    2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
    3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).