共查询到16条相似文献,搜索用时 109 毫秒
1.
陈宇飞 《电子制作.电脑维护与应用》2019,(8)
钓鱼网站的主要手段是采用群发垃圾文件,欺骗用户在钓鱼网站URL地址,登陆并输入个人机密信息的一种攻击手段。本文通过分析钓鱼网站URL地址的结构和词汇特征,对出现异常的钓鱼网站URL进行预测。将钓鱼网站URL地址中抽取的结构特征,词汇特征等,采用数据挖掘的方法进行预测。本文使用四种分类算法,决策树、随机森林、KNN、SVM算法对数据进行分类预测。 相似文献
2.
基于贝叶斯和支持向量机的钓鱼网站检测方法 总被引:1,自引:0,他引:1
随着电子商务和在线交易的不断发展,钓鱼网站已成为目前最难处理的网络安全难题之一。提出了一种基于贝叶斯和不平衡支持向量机的钓鱼网站检测方法,首先提取待检测网站的URL特征,采用改进贝叶斯方法进行分类检测,如果不能明确分类,则提取该网站的页面特征,并采用不平衡支持向量机方法进行分类检测。实验结果表明,与现有方法相比,方法所需的检测时间少且能达到较高的检测准确度。 相似文献
3.
针对钓鱼攻击者常用的伪造HTTPS网站以及其他混淆技术,借鉴了目前主流基于机器学习以及规则匹配的检测钓鱼网站的方法RMLR和PhishDef,增加对网页文本关键字和网页子链接等信息进行特征提取的过程,提出了Nmap-RF分类方法。Nmap-RF是基于规则匹配和随机森林方法的集成钓鱼网站检测方法。根据网页协议对网站进行预过滤,若判定其为钓鱼网站则省略后续特征提取步骤。否则以文本关键字置信度,网页子链接置信度,钓鱼类词汇相似度以及网页PageRank作为关键特征,以常见URL、Whois、DNS信息和网页标签信息作为辅助特征,经过随机森林分类模型判断后给出最终的分类结果。实验证明,Nmap-RF集成方法可以在平均9~10 μs的时间内对钓鱼网页进行检测,且可以过滤掉98.4%的不合法页面,平均总精度可达99.6%。 相似文献
4.
为了应对钓鱼网站的检测逃避策略,提出一种基于URL语言特征的钓鱼网站检测算法。通过分析钓鱼网站和合法网站的URL在不同检测域上的差异,定义基元和敏感度来描述其语言特征。先根据基元对主级域名进行相似性检测,当相似性低于预先设定的阈值时,选取有效的子域名特征,利用随机森林算法对子域名的语言特征进行学习和检测。实验结果表明,该算法的准确率达95.6%,系统运行时间相对较小,平均识别时间小于1 s。 相似文献
5.
6.
本文结合URL字符串随机率和URL字符特征,通过Wrapper方法筛选出一组新特征。通过对比不同机器学习算法的准确率,回归率等四个不同的指标,确定以随机森林算法构建了基于URL随机率和随机森林的钓鱼网站检测系统。本系统在实验测试集上表现出的准确率为96.49%,在全体实验数据集上表现的准确率为99.19%。实验相关结果表明,方案改进了钓鱼网站检测的准确率。 相似文献
7.
8.
9.
10.
针对钓鱼URL常用的混淆技术,提出一种基于规则匹配和逻辑回归的钓鱼网页检测方法(RMLR)。首先,使用针对违反URL命名标准及隐藏钓鱼目标词等混淆技术所构建的规则库对给定网页分类,若可判定其为钓鱼网址,则省略后续的特征提取及检测过程,以满足实时检测的需要。若未能直接判定为钓鱼网址,则提取该URL的相关特征,并使用逻辑回归分类器进行二次检测,以提升检测的适应性和准确率,并降低因规则库规模不足导致的误报率。同时,RMLR引入基于字符串相似度的Jaccard随机域名识别方法来辅助检测钓鱼URL。实验结果表明,RMLR准确率达到98.7%,具有良好的检测效果。 相似文献
11.
In this paper, we present a new rule-based method to detect phishing attacks in internet banking. Our rule-based method used two novel feature sets, which have been proposed to determine the webpage identity. Our proposed feature sets include four features to evaluate the page resources identity, and four features to identify the access protocol of page resource elements. We used approximate string matching algorithms to determine the relationship between the content and the URL of a page in our first proposed feature set. Our proposed features are independent from third-party services such as search engines result and/or web browser history. We employed support vector machine (SVM) algorithm to classify webpages. Our experiments indicate that the proposed model can detect phishing pages in internet banking with accuracy of 99.14% true positive and only 0.86% false negative alarm. Output of sensitivity analysis demonstrates the significant impact of our proposed features over traditional features. We extracted the hidden knowledge from the proposed SVM model by adopting a related method. We embedded the extracted rules into a browser extension named PhishDetector to make our proposed method more functional and easy to use. Evaluating of the implemented browser extension indicates that it can detect phishing attacks in internet banking with high accuracy and reliability. PhishDetector can detect zero-day phishing attacks too. 相似文献
12.
Phishing is a method of stealing electronic identity in which social engineering and website forging methods are used in order to mislead users and reveal confidential information having economic value. Destroying the trust between users in business network, phishing has a negative effect on the budding area of e-commerce. Developing countries such as Iran have been recently facing Internet threats like phishing, whose methods, regarding the social differences, may be different from other experiences. Thus, it is necessary to design a suitable detection method for these deceits. The aim of current paper is to provide a phishing detection system to be used in e-banking system in Iran. Identifying the outstanding features of phishing is one of the important prerequisites in design of an accurate system; therefore, in first step, to identify the influential features of phishing that best fit the Iranian bank sites, a list of 28 phishing indicators was prepared. Using feature selection algorithm based on rough sets theory, six main indicators were identified as the most effective factors. The fuzzy expert system was designed using these indicators, afterwards. The results show that the proposed system is able to determine the Iranian phishing sites with a reasonable speed and precision, having an accuracy of 88%. 相似文献
13.
14.
The detection of phishing and legitimate websites is considered a great challenge for web service providers because the users of such websites are indistinguishable. Phishing websites also create traffic in the entire network. Another phishing issue is the broadening malware of the entire network, thus highlighting the demand for their detection while massive datasets (i.e., big data) are processed. Despite the application of boosting mechanisms in phishing detection, these methods are prone to significant errors in their output, specifically due to the combination of all website features in the training state. The upcoming big data system requires MapReduce, a popular parallel programming, to process massive datasets. To address these issues, a probabilistic latent semantic and greedy levy gradient boosting (PLS-GLGB) algorithm for website phishing detection using MapReduce is proposed. A feature selection-based model is provided using a probabilistic intersective latent semantic preprocessing model to minimize errors in website phishing detection. Here, the missing data in each URL are identified and discarded for further processing to ensure data quality. Subsequently, with the preprocessed features (URLs), feature vectors are updated by the greedy levy divergence gradient (model) that selects the optimal features in the URL and accurately detects the websites. Thus, greedy levy efficiently differentiates between phishing websites and legitimate websites. Experiments are conducted using one of the largest public corpora of a website phish tank dataset. Results show that the PLS-GLGB algorithm for website phishing detection outperforms state-of-the-art phishing detection methods. Significant amounts of phishing detection time and errors are also saved during the detection of website phishing. 相似文献
15.
16.
《Expert systems with applications》2014,41(13):5948-5959
Website phishing is considered one of the crucial security challenges for the online community due to the massive numbers of online transactions performed on a daily basis. Website phishing can be described as mimicking a trusted website to obtain sensitive information from online users such as usernames and passwords. Black lists, white lists and the utilisation of search methods are examples of solutions to minimise the risk of this problem. One intelligent approach based on data mining called Associative Classification (AC) seems a potential solution that may effectively detect phishing websites with high accuracy. According to experimental studies, AC often extracts classifiers containing simple “If-Then” rules with a high degree of predictive accuracy. In this paper, we investigate the problem of website phishing using a developed AC method called Multi-label Classifier based Associative Classification (MCAC) to seek its applicability to the phishing problem. We also want to identify features that distinguish phishing websites from legitimate ones. In addition, we survey intelligent approaches used to handle the phishing problem. Experimental results using real data collected from different sources show that AC particularly MCAC detects phishing websites with higher accuracy than other intelligent algorithms. Further, MCAC generates new hidden knowledge (rules) that other algorithms are unable to find and this has improved its classifiers predictive performance. 相似文献