Skip to main content
SpringerLink
Log in

Updated Analysis of Detection Methods for Phishing Attacks

  • Conference paper
  • First Online:
Futuristic Trends in Network and Communication Technologies (FTNCT 2020)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 1395))

  • 616 Accesses

Abstract

Phishing attacks use social engineering and some technical tricks to obtain users’ personal identity data, account credentials and details of your bank cards to impersonate users on the network. Organizations are not immune to these attacks, so they should implement an orderly phishing detection plan, with the aim of reducing risks from direct exposure. Phishing is perpetrated in various telematic services such as email, web, social networks and instant messaging, among others. This paper brings an updated study of the main existing mechanisms for the detection of phishing. Additionally, the most effective solutions in the literature will be highlighted, matching solutions for different services will be identified and the most effective solutions will be featured, with the aim of applying these approaches in future integrated solutions for the detection of phishing attacks.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 109.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 139.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Symantec: Internet Security Threat Report 2019 (2019)

    Google Scholar 

  2. Sumner, A., Yuan, X.: Mitigating phishing attacks: an overview. In: Proceedings of the 2019 ACM Southeast Conference, Kennesaw, GA, USA, pp. 72–77. ACM (2019)

    Google Scholar 

  3. Yassein, M.B., Aljawarneh, S., Wahsheh, Y.A.: Survey of online social networks threats and solutions. In: 2019 IEEE Jordan International Joint Conference on Electrical Engineering and Information Technology (JEEIT), pp. 375–380 (2019)

    Google Scholar 

  4. Balim, C., Gunal, E.S.: Automatic detection of smishing attacks by machine learning methods. In: 2019 1st International Informatics and Software Engineering Conference (UBMYK), pp. 1–3 (2019)

    Google Scholar 

  5. Moul, K.A.: Avoid phishing traps. In: Proceedings of the 2019 ACM SIGUCCS Annual Conference, New Orleans, LA, USA, pp. 199–208. ACM (2019)

    Google Scholar 

  6. Chorghe, S.P., Shekokar, N.: A survey on anti-phishing techniques in mobile phones. In: 2016 International Conference on Inventive Computation Technologies (ICICT), pp. 1–5 (2016)

    Google Scholar 

  7. APWG: Phishing Activity Trends Report - 1st Quarter 2020, San Francisco, USA (2020)

    Google Scholar 

  8. APWG: Phishing Activity Trends Report - 2015–2019, San Francisco, USA (2019)

    Google Scholar 

  9. Sfakianakis, A., Douligeris, C., Marinos, L., Lourenço, M., Raghimi, O.: ENISA Threat Landscape Report 2018: 15 Top Cyberthreats and Trends, vol. 10 (2019)

    Google Scholar 

  10. Qabajeh, I., Thabtah, F., Chiclana, F.: A recent review of conventional vs. automated cybersecurity anti-phishing techniques. Comput. Sci. Rev. 29, 44–55 (2018). https://doi.org/10.1016/j.cosrev.2018.05.003

  11. Althobaiti, K., Rummani, G., Vaniea, K.: A review of human- and computer-facing URL phishing features. In: 2019 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), pp. 182–191 (2019)

    Google Scholar 

  12. Tyagi, I., Shad, J., Sharma, S., Gaur, S., Kaur, G.: A novel machine learning approach to detect phishing websites. In: 2018 5th International Conference on Signal Processing and Integrated Networks (SPIN), pp. 425–430 (2018)

    Google Scholar 

  13. Bikov, T.D., Iliev, T.B., Mihaylov, G.Y., Stoyanov, I.S.: Phishing in depth – modern methods of detection and risk mitigation. In: 2019 42nd International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO), pp. 447–450 (2019)

    Google Scholar 

  14. Marchal, S., Saari, K., Singh, N., Asokan, N.: Know your phish: novel techniques for detecting phishing sites and their targets. In: 2016 IEEE 36th International Conference on Distributed Computing Systems (ICDCS), pp. 323–333 (2016)

    Google Scholar 

  15. Bell, S., Komisarczuk, P.: An analysis of phishing blacklists: Google safe browsing, OpenPhish, and PhishTank. In: Proceedings of the Australasian Computer Science Week Multiconference, Melbourne, VIC, Australia, p. 11. ACM (2020)

    Google Scholar 

  16. Pham, C., Nguyen, L.A.T., Tran, N.H., Huh, E., Hong, C.S.: Phishing-aware: a neuro-fuzzy approach for anti-phishing on fog networks. IEEE Trans. Netw. Service Manag. 15(3), 1076–1089 (2018). https://doi.org/10.1109/TNSM.2018.2831197

    Article  Google Scholar 

  17. Nathezhtha, T., Sangeetha, D., Vaidehi, V.: WC-PAD: web crawling based phishing attack detection. In: 2019 International Carnahan Conference on Security Technology (ICCST), pp. 1–6 (2019)

    Google Scholar 

  18. Zuraiq, A.A., Alkasassbeh, M.: Review: phishing detection approaches. In: 2019 2nd International Conference on new Trends in Computing Sciences (ICTCS), pp. 1–6 (2019)

    Google Scholar 

  19. Dou, Z., Khalil, I., Khreishah, A., Al-Fuqaha, A., Guizani, M.: Systematization of knowledge (SoK): a systematic review of software-based web phishing detection. IEEE Commun. Surv. Tutor. 19(4), 2797–2819 (2017). https://doi.org/10.1109/COMST.2017.2752087

    Article  Google Scholar 

  20. Cuzzocrea, A., Martinelli, F., Mercaldo, F.: A machine-learning framework for supporting intelligent web-phishing detection and analysis. In: Proceedings of the 23rd International Database Applications & Engineering Symposium, Athens, Greece, pp. 1–3. ACM (2019)

    Google Scholar 

  21. Latif, R.M.A., Umer, M., Tariq, T., Farhan, M., Rizwan, O., Ali, G.: A smart methodology for analyzing secure e-banking and e-commerce websites. In: 2019 16th International Bhurban Conference on Applied Sciences and Technology (IBCAST), pp. 589–596 (2019)

    Google Scholar 

  22. Sharma, H., Meenakshi, E., Bhatia, S.K.: A comparative analysis and awareness survey of phishing detection tools. In: 2017 2nd IEEE International Conference on Recent Trends in Electronics, Information & Communication Technology (RTEICT), pp. 1437–1442 (2017)

    Google Scholar 

  23. Vrbančič, G., Fister, I., Podgorelec, V.: Swarm intelligence approaches for parameter setting of deep learning neural network: case study on phishing websites classification. In: Proceedings of the 8th International Conference on Web Intelligence, Mining and Semantics, Novi Sad, Serbia, pp. 1–8. ACM (2018)

    Google Scholar 

  24. Haruta, S., Asahina, H., Sasase, I.: Visual similarity-based phishing detection scheme using image and CSS with target website finder. In: GLOBECOM 2017 - 2017 IEEE Global Communications Conference, pp. 1–6 (2017)

    Google Scholar 

  25. Oest, A., Safaei, Y., Doupé, A., Ahn, G., Wardman, B., Tyers, K.: PhishFarm: a scalable framework for measuring the effectiveness of evasion techniques against browser phishing blacklists. In: 2019 IEEE Symposium on Security and Privacy, pp. 1344–1361 (2019)

    Google Scholar 

  26. Shyni, C.E., Sundar, A.D., Ebby, G.S.E.: Phishing detection in websites using parse tree validation. In: 2018 Recent Advances on Engineering, Technology and Computational Sciences (RAETCS), pp. 1–4 (2018)

    Google Scholar 

  27. Park, A.J., Quadari, R.N., Tsang, H.H.: Phishing website detection framework through web scraping and data mining. In: 2017 8th IEEE Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON), pp. 680–684 (2017)

    Google Scholar 

  28. Wang, Y., Duncan, I.: a novel method to prevent phishing by using OCR technology. In: 2019 International Conference on Cyber Security and Protection of Digital Services (Cyber Security), pp. 1–5 (2019)

    Google Scholar 

  29. Patil, P., Rane, R., Bhalekar, M.: Detecting spam and phishing mails using SVM and obfuscation URL detection algorithm. In: 2017 International Conference on Inventive Systems and Control (ICISC), pp. 1–4 (2017)

    Google Scholar 

  30. Alswailem, A., Alabdullah, B., Alrumayh, N., Alsedrani, A.: Detecting phishing websites using machine learning. In: 2019 2nd International Conference on Computer Applications & Information Security (ICCAIS), pp. 1–6 (2019)

    Google Scholar 

  31. Barraclough, P., Sexton, G.: Phishing website detection fuzzy system modelling. In: 2015 Science and Information Conference (SAI), pp. 1384–1386 (2015)

    Google Scholar 

  32. Geng, G., Yan, Z., Lee, J., Jin, X., Liu, D.: An efficient antiphishing method to secure econsume. IEEE Consum. Electron. Mag. 8(6), 42–46 (2019). https://doi.org/10.1109/MCE.2019.2928585

    Article  Google Scholar 

  33. Abdelhamid, N., Thabtah, F., Abdel-Jaber, H.: Phishing detection: a recent intelligent machine learning comparison based on models content and features. In: 2017 IEEE International Conference on Intelligence and Security Informatics (ISI), pp. 72–77 (2017)

    Google Scholar 

  34. Yadollahi, M.M., Shoeleh, F., Serkani, E., Madani, A., Gharaee, H.: An adaptive machine learning based approach for phishing detection using hybrid features. In: 2019 5th International Conference on Web Research (ICWR), pp. 281–286 (2019)

    Google Scholar 

  35. Adebowale, M.A., Lwin, K.T., Hossain, M.A.: Deep learning with convolutional neural network and long short-term memory for phishing detection. In: 2019 13th International Conference on Software, Knowledge, Information Management and Applications (SKIMA), pp. 1–8 (2019)

    Google Scholar 

  36. Zhu, E., Chen, Y., Ye, C., Li, X., Liu, F.: OFS-NN: an effective phishing websites detection model based on optimal feature selection and neural network. IEEE Access 7, 73271–73284 (2019). https://doi.org/10.1109/ACCESS.2019.2920655

    Article  Google Scholar 

  37. AlEroud, A., Karabatis, G.: Bypassing detection of URL-based phishing attacks using generative adversarial deep neural networks. In: Proceedings of the Sixth International Workshop on Security and Privacy Analytics, New Orleans, USA, pp. 53–60. ACM (2020)

    Google Scholar 

  38. Huang, Y., Yang, Q., Qin, J., Wen, W.: Phishing URL detection via CNN and attention-based hierarchical RNN. In: 2019 18th IEEE International Conference on Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE), pp. 112–119 (2019)

    Google Scholar 

  39. Huang, Y., Qin, J., Wen, W.: Phishing URL detection via capsule-based neural network. In: 2019 IEEE 13th International Conference on Anti-counterfeiting, Security, and Identification (ASID), pp. 22–26 (2019)

    Google Scholar 

  40. Fang, Y., Zhang, C., Huang, C., Liu, L., Yang, Y.: Phishing email detection using improved RCNN model with multilevel vectors and attention mechanism. IEEE Access 7, 56329–56340 (2019). https://doi.org/10.1109/ACCESS.2019.2913705

    Article  Google Scholar 

  41. Pongchanchai, N., Visoottiviseth, V., Ou, K., Yamai, N., Kitagawa, N.: Countermeasure against spoofed e-mails using display name as a user authenticator. In: 2018 Seventh ICT International Student Project Conference (ICT-ISPC), pp. 1–6 (2018)

    Google Scholar 

  42. Bagui, S., Nandi, D., Bagui, S., White, R.J.: Classifying phishing email using machine learning and deep learning. In: 2019 International Conference on Cyber Security and Protection of Digital Services (Cyber Security), pp. 1–2 (2019)

    Google Scholar 

  43. Park, G., Rayz, J.: Ontological detection of phishing emails. In: 2018 IEEE International Conference on Systems, Man, and Cybernetics (SMC), pp. 2858–2863 (2018)

    Google Scholar 

  44. Douzi, S., Amar, M., Ouahidi, B.E.: Advanced phishing filter using autoencoder and denoising autoencoder. In: Proceedings of the International Conference on Big Data and Internet of Thing, London, United Kingdom, pp. 125–129. ACM (2017)

    Google Scholar 

  45. Form, L.M., Chiew, K.L., Sze, S.N., Tiong, W.K.: Phishing email detection technique by using hybrid features. In: 2015 9th International Conference on IT in Asia, pp. 1–5 (2015)

    Google Scholar 

  46. Xiujuan, W., Chenxi, Z., Kangfeng, Z., Haoyang, T., Yuanrui, T.: Detecting spear-phishing emails based on authentication. In: 2019 IEEE 4th International Conference on Computer and Communication Systems (ICCCS), pp. 450–456 (2019)

    Google Scholar 

  47. Verma, R., Rai, N.: Phish-IDetector: message-ID based automatic phishing detection. In: 2015 12th International Joint Conference on e-Business and Telecommunications (ICETE), pp. 427–434 (2015)

    Google Scholar 

  48. Bhadane, A., Mane, S.B.: Detecting lateral spear phishing attacks in organisations. IET Inf. Secur. 13(2), 133–140 (2019). https://doi.org/10.1049/iet-ifs.2018.5090

    Article  Google Scholar 

  49. Fang, L., Bailing, W., Junheng, H., Yushan, S., Yuliang, W.: A proactive discovery and filtering solution on phishing websites. In: 2015 IEEE International Conference on Big Data (Big Data), pp. 2348–2355 (2015)

    Google Scholar 

  50. Bell, S., Komisarczuk, P.: Measuring the effectiveness of Twitter’s URL shortener (t.co) at protecting users from phishing and malware attacks. In: Proceedings of the Australasian Computer Science Week Multiconference, Melbourne, Australia, p. 11. ACM (2020)

    Google Scholar 

  51. Al-Janabi, M., Quincey, E.D., Andras, P.: Using supervised machine learning algorithms to detect suspicious URLs in online social networks. In: Proceedings of the 2017 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining 2017, Sydney, Australia, pp. 1104–1111. ACM (2017)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Universidad de las Ciencias Informáticas (UCI), 19370, Havana, Cuba

    Antonio Hernández Dominguez & Walter Baluja García

Authors
  1. Antonio Hernández Dominguez
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Walter Baluja García
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to Antonio Hernández Dominguez or Walter Baluja García .

Editor information

Editors and Affiliations

  1. ABES Engineering College, Ghaziabad, India

    Pradeep Kumar Singh

  2. Southern Federal University, Rostov-on-Don, Russia

    Gennady Veselov

  3. Luleå University of Technology, Luleå, Sweden

    Valeriy Vyatkin

  4. Southern Federal University, Rostov-on-Don, Russia

    Anton Pljonkin

  5. University of Cádiz, Cádiz, Spain

    Juan Manuel Dodero

  6. Jaypee Institute of Information Technology, Waknaghat, India

    Yugal Kumar

Rights and permissions

Reprints and permissions

Copyright information

© 2021 Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Hernández Dominguez, A., Baluja García, W. (2021). Updated Analysis of Detection Methods for Phishing Attacks. In: Singh, P.K., Veselov, G., Vyatkin, V., Pljonkin, A., Dodero, J.M., Kumar, Y. (eds) Futuristic Trends in Network and Communication Technologies. FTNCT 2020. Communications in Computer and Information Science, vol 1395. Springer, Singapore. https://doi.org/10.1007/978-981-16-1480-4_5

Download citation

  • DOI: https://doi.org/10.1007/978-981-16-1480-4_5

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-16-1479-8

  • Online ISBN: 978-981-16-1480-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation