中央研究院  |   資訊科學研究所  |   多媒體網路與系統實驗室 
Counteracting Phishing Page Polymorphism: An Image Layout Analysis Approach
(NOTE: Sheng-Wei Chen is also known as Kuan-Ta Chen.)

Abstract
Many visual similarity-based phishing page detectors have been developed to detect phishing webpages, however, scammers now create polymorphic phishing pages to breach the defense of those detectors. We call this kind of countermeasure phishing page polymorphism.

Polymorphic pages are visually similar to genuine pages they try to mimic, but they use different representation techniques. It increases the level of difficulty to detect phishing pages. In this paper, we propose an effective detection mechanism to detect polymorphic phishing pages. In contrast to existing approaches, we analyze the layout of webpages rather than the HTML codes, colors, or content. Specifically, we compute the similarity degree of a suspect page and an authentic page through image processing techniques. Then, the degrees of similarity are ranked by a classifier trained to detect phishing pages. To verify the efficacy of our phishing detection mechanism, we collected 6,750 phishing pages and 312 mimicked targets for the performance evaluation. The results show that our method achieves an excellent detection rate of 99.6%.

Related paper:
- Fighting Phishing with Discriminative Keypoint Features of Webpages


Citation
Ieng-Fat Lam, Wei-Cheng Xiao, Szu-Chi Wang, and Kuan-Ta Chen, "Counteracting Phishing Page Polymorphism: An Image Layout Analysis Approach," In Proceedings of ISA 2009, 2009.

BibTex
@INPROCEEDINGS{lam09:phishing,
  AUTHOR     = {Ieng-Fat Lam and Wei-Cheng Xiao and Szu-Chi Wang and Kuan-Ta Chen},
  TITLE      = {Counteracting Phishing Page Polymorphism: An Image Layout Analysis Approach},
  BOOKTITLE  = {Proceedings of ISA 2009},
  YEAR       = {2009}
}
Downloads