Qualification: 
Ph.D, M.E
Email: 
r_gowtham@cb.amrita.edu

Gowtham is an ardent researcher passionate about quality research.  His keen interests for teaching made him pursue teaching as a career. A decade of experience in computer science engineering teaching at various institutes follows Gowtham. Gowtham is a computer science graduate from Periyar University. His Master's and Doctoral Degrees are from Anna University. He has been associated with Amrita Vishwa Vidyapeetham for about five years. He has keen interests in converting idea to prototypes and his valuable researches have fetched him publication in top revered journals including Elsevier and Springer published ones. His areas of interests include Web security, Semantic Web and Information Retrieval. He has guided about a dozen of master's students and many graduate level students. Gowtham has been awarded by Infosys Technologies as Distinguished Facilitator - Technical (2015) for his teaching and presentation skills. He also owns the responsibility of heading the TAG (Thrust Area Group) NextGen Computing. He is also guiding Ph.D. scholars in his area of interest. His long term interest lies in creating consistent solutions for web security, at a very minimal cost.

Honors and Awards       

  • Awarded Distinguished Facilitator by Infosys for the year 2015.

Publications

Publication Type: Journal Article

Year of Publication Publication Type Title

2017

Journal Article

Dr. Gowtham R., Gupta, J., and Gamya, P. G., “Identification of phishing webpages and its target domains by analyzing the feign relationship”, Journal of Information Security and Applications (Elsevier) (SNIP: 1.186) , vol. 35, pp. 75-84, 2017.[Abstract]


Phishing is the act of stealing personal information from the online users by impersonating as a statutory source in the cyberspace. Phishers often bait online users to visit their forged webpages to acquire users sensitive information. Most of the anti-phishing techniques today, endeavor to identify the legitimacy of the webpages the user visits and warn them with a phishing label when the webpage is a phish. But, these warnings generated by the anti-phishing tools are generic and does not provide any assistance for the users to safely navigate to the legitimate webpages. Any anti-phishing technique will be incomplete and incompetent without having a victimized domain identification in place. The method proposed in this paper addresses this lacuna by automatically identifying the victimized domain (target domain) of every successfully distinguished phishing webpage. This method initially identifies the possible target domains of the webpage by analyzing the feign relationships which exist between the webpage and its associated domains through the in-degree link associations. Further, a novel Target Validation (TVD) algorithm is used to ensure the correctness of the identified target domain which in turn helps in reducing the false target predictions of the system. The legitimacy of the webpage is further confirmed using the identified target domain. The experiment results show that this method is efficient in protecting users from the online identity attacks and also in identifying victimized domain with over 99% accuracy. © 2017 Elsevier Ltd

More »»

2017

Journal Article

Dr. Gowtham R., Selvakumar, K., and Venugopal, A., “Intelligent explanation generation system for phishing webpages by employing an inference system”, Behaviour & Information Technology, Taylor & Francis (Impact Factor : 1.388, SCI, WoS Indexed), pp. 1–17, 2017.[Abstract]


Phishing is a fraudulent scheme to steal a user’s personal and confidential information by masking as a trustworthy entity in the electronic commerce. Phishers lure online users to visit their fake webpages and capture the user’s sensitive financial information. The current anti-phishing technique focuses on determining the legitimacy of the webpages that the user visits, and it alerts users with a phishing label when a webpage is found to have suspicious activity. Most of the times, however, these warnings are ignored by the users as there is no significant information present in the alerts except for the phishing label. The method proposed in this paper addresses the aforementioned lacunae by generating a coherent and complete explanation in the natural language text for the anti-phishing system’s decision. The explanation includes the phishing label along with information to establish why such a decision has been taken. This would, in turn, contribute to the user’s enhanced understanding of the threat and also strengthens the user’s trust in the system. It is quite evident from the pilot evaluation, which involved 50 users, that the proposed methodology significantly improves the user’s understanding of the phishing label and strengthens their trust in the system. © 2017 Informa UK Limited, trading as Taylor & Francis Group

More »»

2015

Journal Article

Dr. Gowtham R. and Venugopal, A., “A Study On Verbalization Of OWL Axioms Using Controlled Natural Language”, International Journal of Applied Engineering Research, vol. 10, no. 7, pp. 16953-16960, 2015.[Abstract]


Ontology verbalization is a process of converting the logical content of ontologies represented in the Web Ontology Language (OWL) into human understandable natural languages such as English. But, because of the ambiguous and complex nature of the natural languages, it is not directly suitable for verbalization. Controlled Natural Languages (CNLs) are derived from natural languages by applying restrictions and it can be further used for ontology verbalization and authoring. It helps the non-logicians to easily access the OWL ontologies. There are various controlled natural languages that can be used for both ontology authoring and verbalization. Each of the CNL has its own advantages and disadvantages. They overlap in some of the features, while differs widely in some other. The common goal of all the controlled natural languages is to make the OWL statements and the ontologies easily understandable for the users with little or no formal training. This paper focuses on comparing four predominantly used controlled natural languages such as Attempto Controlled English (ACE), Rabbit, Sydney OWL Syntax (SOS) and OWL Simplified English (OSE) with respect to simplicity, clearness, naturalness, and expressivity. © Research India Publications.

More »»

2014

Journal Article

Dr. Gowtham R. and Krishnamurthi, I., “A comprehensive and efficacious architecture for detecting phishing webpages”, Computers & Security (Elsevier Advanced Technology) (Impact Factor: 1.158, SCI Indexed), vol. 40, pp. 23 - 37, 2014.[Abstract]


Abstract Phishing is a web-based criminal act. Phishing sites lure sensitive information from naive online users by camouflaging themselves as trustworthy entities. Phishing is considered an annoying threat in the field of electronic commerce. Due to the short lifespan of phishing webpages and the rapid advancement of phishing techniques, maintaining blacklists, white-lists or employing solely heuristics-based approaches are not particularly effective. The impact of phishing can be largely mitigated by adopting a suitable combination of all these techniques. In this study, the characteristics of legitimate and phishing webpages were investigated in depth, and based on this analysis, we proposed heuristics to extract 15 features from such webpages. These heuristic results were fed as an input to a trained machine learning algorithm to detect phishing sites. Before applying heuristics to the webpages, we used two preliminary screening modules in this system. The first module, the preapproved site identifier, checks webpages against a private white-list maintained by the user, and the second module, the Login Form Finder, classifies webpages as legitimate when there are no login forms present. These modules help to reduce superfluous computation in the system and in addition reducing the rate of false positives without compromising on the false negatives. By using all of these modules, we are able to classify webpages with 99.8% precision and a 0.4% of false positive rate. The experimental results indicate that this method is efficient for protecting users from online identity attacks. More »»

2014

Journal Article

Dr. Gowtham R., Krishnamurthi, I., and K. Kumar, S. Sree, “An efficacious method for detecting phishing webpages through target domain identification”, Decision Support Systems and Electronic Commerce (Elsevier) (Impact Factor: 2.201, SCI Indexed), vol. 61, pp. 12 - 22, 2014.[Abstract]


Abstract Phishing is a fraudulent act to acquire sensitive information from unsuspecting users by masking as a trustworthy entity in an electronic commerce. Several mechanisms such as spoofed e-mails, \{DNS\} spoofing and chat rooms which contain links to phishing websites are used to trick the victims. Though there are many existing anti-phishing solutions, phishers continue to lure the victims. In this paper, we present a novel approach that not only overcomes many of the difficulties in detecting phishing websites but also identifies the phishing target that is being mimicked. We have proposed an anti-phishing technique that groups the domains from hyperlinks having direct or indirect association with the given suspicious webpage. The domains gathered from the directly associated webpages are compared with the domains gathered from the indirectly associated webpages to arrive at a target domain set. On applying Target Identification (TID) algorithm on this set, we zero-in the target domain. We then perform third-party \{DNS\} lookup of the suspicious domain and the target domain and on comparison we identify the legitimacy of the suspicious page. More »»

2013

Journal Article

Dr. Gowtham R. and Krishnamurthi, Ib, “PhishTackle-a web services architecture for anti-phishing”, Cluster Computing (Springer), vol. 16, no. 3, pp. 1-18, 2013.[Abstract]


Phishing is web based criminal activity of making innocent online users to reveal sensitive information into fake web sites. Such fake web sites lead to fraudulent charges against individuals and corporations. Phishers have a lot of methods to design and host phished web pages, so in reality there cannot be a single solution that can help us combat phishing. As technology advances, the phishing techniques being used are also getting advanced and hence it demands the anti-phishing techniques also to be upgraded and the new techniques are to be included along with the existing methods. But most of the anti-phishing techniques today do not satisfy these criteria. In this paper, we propose service oriented three-layer architecture model for detecting and identifying phishing web sites as it overcomes the shortcomings of existing anti-phishing solutions. This model enables us to separate the user interface layer from the anti-phishing components layer. This is done through web service middleware layer, which provides us with the freedom of building our own anti-phishing components layer in an efficient and flexible way, independent of other layers. Anti-phishing components layer provides a set of reusable components to convert webpage into feature vectors using finest heuristic methods and external repositories of information. The feature vectors act as an input to trained support vector machine classifier to generate phishing label which determines whether a webpage is legitimate or a phishing page. This when experimented, displayed the significance and importance of three-layered architecture model along with combination of heuristics in detection of phishing webpage. This results in high accuracy of 99 % with less than 1 % of false positive rate. © 2013 Springer Science+Business Media New York.

More »»

Funded Projects

Faculty Research Interest: 
207
PROGRAMS
OFFERED
5
AMRITA
CAMPUSES
15
CONSTITUENT
SCHOOLS
A
GRADE BY
NAAC, MHRD
8th
RANK(INDIA):
NIRF 2018
150+
INTERNATIONAL
PARTNERS