Publication Type:

Journal Article

Source:

Cluster Computing, Springer New York LLC, Volume 17, Number 3, p.1051-1068 (2014)

URL:

http://www.scopus.com/inward/record.url?eid=2-s2.0-84906788675&partnerID=40&md5=ed36d8c40b59b071a1122eaa1708af47

Keywords:

Anti-phishing, Architecture modeling, Computer crime, E-commerce security, Heuristic methods, Information services, Middleware, Phishing, Sensitive informations, Service oriented architecture (SOA), Support vector machine classifiers, Threelayer architecture, User interfaces, Web services, Web services architecture, Websites

Abstract:

Phishing is web based criminal activity of making innocent online users to reveal sensitive information into fake web sites. Such fake web sites lead to fraudulent charges against individuals and corporations. Phishers have a lot of methods to design and host phished web pages, so in reality there cannot be a single solution that can help us combat phishing. As technology advances, the phishing techniques being used are also getting advanced and hence it demands the anti-phishing techniques also to be upgraded and the new techniques are to be included along with the existing methods. But most of the anti-phishing techniques today do not satisfy these criteria. In this paper, we propose service oriented three-layer architecture model for detecting and identifying phishing web sites as it overcomes the shortcomings of existing anti-phishing solutions. This model enables us to separate the user interface layer from the anti-phishing components layer. This is done through web service middleware layer, which provides us with the freedom of building our own anti-phishing components layer in an efficient and flexible way, independent of other layers. Anti-phishing components layer provides a set of reusable components to convert webpage into feature vectors using finest heuristic methods and external repositories of information. The feature vectors act as an input to trained support vector machine classifier to generate phishing label which determines whether a webpage is legitimate or a phishing page. This when experimented, displayed the significance and importance of three-layered architecture model along with combination of heuristics in detection of phishing webpage. This results in high accuracy of 99 % with less than 1 % of false positive rate. © 2013 Springer Science+Business Media New York.

Notes:

cited By (since 1996)0

Cite this Research Publication

Ra Gowtham and Krishnamurthi, Ib, “PhishTackle-a web services architecture for anti-phishing”, Cluster Computing, vol. 17, pp. 1051-1068, 2014.