To read this content please select one of the options below:

A hybrid approach for phishing web site detection

Mehdi Dadkhah (Department of Computer and Information Technology, Foulad Institute of Technology, Isfahan, Iran)
Shahaboddin Shamshirband (Department of Computer System and Information Technology, University of Malaya, Kuala Lumpur, Malaysia)
Ainuddin Wahid Abdul Wahab (Department of Computer System and Information Technology, University of Malaya, Kuala Lumpur, Malaysia)

The Electronic Library

ISSN: 0264-0473

Article publication date: 7 November 2016

545

Abstract

Purpose

This paper aims to present a hybrid approach based on classification algorithms that was capable of identifying different types of phishing pages. In this approach, after eliminating features that do not play an important role in identifying phishing attacks and also after adding the technique of searching page title in the search engine, the capability of identifying journal phishing and phishing pages embedded in legal sites was added to the presented approach in this paper.

Design/methodology/approach

The hybrid approach of this paper for identifying phishing web sites is presented. This approach consists of four basic sections. The action of identifying phishing web sites and journal phishing attacks is performed via selecting two classification algorithms separately. To identify phishing attacks embedded in legal web sites also the method of page title searching is used and then the result is returned. To facilitate identifying phishing pages the black list approach is used along with the proposed approach so that the operation of identifying phishing web sites can be performed more accurately, and, finally, by using a decision table, it is judged that the intended web site is phishing or legal.

Findings

In this paper, a hybrid approach based on classification algorithms to identify phishing web sites is presented that has the ability to identify a new type of phishing attack known as journal phishing. The presented approach considers the most used features and adds new features to identify these attacks and to eliminate unused features in the identifying process of these attacks, does not have the problems of previous techniques and can identify journal phishing too.

Originality/value

The major advantage of this technique was considering all of the possible and effective features in identifying phishing attacks and eliminating unused features of previous techniques; also, this technique in comparison with other similar techniques has the ability of identifying journal phishing attacks and phishing pages embedded in legal sites.

Keywords

Citation

Dadkhah, M., Shamshirband, S. and Abdul Wahab, A.W. (2016), "A hybrid approach for phishing web site detection", The Electronic Library, Vol. 34 No. 6, pp. 927-944. https://doi.org/10.1108/EL-07-2015-0132

Publisher

:

Emerald Group Publishing Limited

Copyright © 2016, Emerald Group Publishing Limited

Related articles