Publication Type:

Journal Article


Decision Support Systems and Electronic Commerce (Elsevier) (Impact Factor: 2.201, SCI Indexed), Volume 61, p.12 - 22 (2014)




Anti-phishing, E-commerce security, Phishing, Target domain detection


Abstract Phishing is a fraudulent act to acquire sensitive information from unsuspecting users by masking as a trustworthy entity in an electronic commerce. Several mechanisms such as spoofed e-mails, \{DNS\} spoofing and chat rooms which contain links to phishing websites are used to trick the victims. Though there are many existing anti-phishing solutions, phishers continue to lure the victims. In this paper, we present a novel approach that not only overcomes many of the difficulties in detecting phishing websites but also identifies the phishing target that is being mimicked. We have proposed an anti-phishing technique that groups the domains from hyperlinks having direct or indirect association with the given suspicious webpage. The domains gathered from the directly associated webpages are compared with the domains gathered from the indirectly associated webpages to arrive at a target domain set. On applying Target Identification (TID) algorithm on this set, we zero-in the target domain. We then perform third-party \{DNS\} lookup of the suspicious domain and the target domain and on comparison we identify the legitimacy of the suspicious page.


cited By 8

Cite this Research Publication

Dr. Gowtham R., Krishnamurthi, I., and K. Kumar, S. Sree, “An efficacious method for detecting phishing webpages through target domain identification”, Decision Support Systems and Electronic Commerce (Elsevier) (Impact Factor: 2.201, SCI Indexed), vol. 61, pp. 12 - 22, 2014.