Acta Informatica Pragensia 2017, 6(2), 114-123 | DOI: 10.18267/j.aip.1045525

A Lightweight Anti-Phishing Technique for Mobile Phone

Abdul Abiodun Orunsolu, Misturah Adunni Alaran, Adeleke Amos Adebayo, Sakiru Oluyemi Kareem, Ayobami Oke
Department of Computer Science, School of Science and Technology, Moshood Abiola Polytechnic, Abeokuta, P.M.B 2210 Abeokuta, Ogun State, Nigeria

Mobile phones have become an essential device for accessing the web. This is due to the advantages of portability, lower cost and ease. However, the adoption of mobile phones for online activities is now being challenged by myriads of cybercrimes. One of such crimes is phishing attack. In this work, a lightweight anti-phishing technique is proposed to combat phishing attacks on mobile devices. This is necessary because these mobile platforms have increased the attack surface for phishers while diminishing the effectiveness of existing countermeasures. The proposed approach uses a number of URL behavior to determine the status of a website based on frequency analysis of extracted phishing features from PhishTank. To increase the detection power of unknown pattern, a machine learning algorithm called Support Vector Machine is adopted. The results indicated that the approach is very efficient against phishing sites with negligible false negatives.

Keywords: Cyber fraud, Mobile devices, Phishing, Security, URL

Received: March 20, 2017; Revised: July 1, 2017; Accepted: July 10, 2017; Published: December 31, 2017  Show citation

ACS AIP APA ASA Harvard Chicago Chicago Notes IEEE ISO690 MLA NLM Turabian Vancouver
Orunsolu, A.A., Alaran, M.A., Adebayo, A.A., Kareem, S.O., & Oke, A. (2017). A Lightweight Anti-Phishing Technique for Mobile Phone. Acta Informatica Pragensia6(2), 114-123. doi: 10.18267/j.aip.104
Download citation

References

  1. Neupane, A., Rahman, M.L., Saxena, N., & Hirshfield, L. (2015). A Multi-Modal Neuro-Physiological Study of Phishing Detection and Malware Warnings. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security (pp. 479-491). New York: ACM. doi: 10.1145/2810103.2813660 Go to original source...
  2. Bhardwaj, A., Subrahmanyam, G.V.B., Avasthi, V., & Sastry, H. (2016). Ransomware: A Rising Threat of new age Digital Extortion. Retrieved from https://arxiv.org/abs/1512.01980
  3. Chiew, K. L., Chang, E. H., Sze, S. N., & Tiong, W. K. (2015). Utilization of website logo for phishing detection. Computers and Security, 54(October), 16-26. doi: 10.1016/j.cose.2015.07.006 Go to original source...
  4. CSO. (2016). CSO: Online report on phishing activities. Retrieved from http://www.csoonline.com/articles
  5. Gowtham, R., & Krishnamurthi, I. (2014). A Comprehensive and efficacious architecture for detecting phishing pages. Computers and Security, 40(February), 23-37. doi: 10.1016/j.cose.2013.10.004 Go to original source...
  6. Hong, J. (2012). The State of phishing attacks. Communications of the ACM, 55(1), 74-81. doi: 10.1145/2063176.2063197 Go to original source...
  7. Huang, C., Ma, S., & Chen, K. (2011). Using one-time passwords to prevent password phishing attacks. Journal of Network and Computer Applications, 34(4), 1292-1301. doi: 10.1016/j.jnca.2011.02.004 Go to original source...
  8. Parsons, K., McCormac, A., Pattinson, M., Butavicius, M., & Jerram, C. (2015). The design of phishing studies: Challenges for researchers. Computers & Security, 52(July), 194-206. doi: 10.1016/j.cose.2015.02.008 Go to original source...
  9. Khonji, M., Iraqi, Y., & Jones, A. (2013). Phishing Detection: A Literature Survey. IEEE Communications Surveys & Tutorials, 15(4), 2091-2121. doi: 10.1109/SURV.2013.032213.00009 Go to original source...
  10. Kumar, G., & Kumar, K. (2014). Network Security - an updated perspective. Systems Science Go to original source...
  11. & Control Engineering, 2(1), 325-334. doi: 10.1080/21642583.2014.895969 Go to original source...
  12. Alsharnouby, M., Alaca, F., & Chiasson, S. (2015). Why phishing still works: User strategies for combating phishing attacks. International Journal of Human-Computer Studies, 82(October), Go to original source...
  13. 69-82. doi: 10.1016/j.ijhcs.2015.05.005 Go to original source...
  14. Pan, Y., & Ding, X. (2006). Anomaly based web phishing page detection. In Proceedings of the 22nd Annual Computer Security Applications Conference. New York: IEEE. doi: 10.1109/ACSAC.2006.13 Go to original source...
  15. Prakash, P., Kumar, M., Kompella, R., & Gupta, M. (2010). PhishNet: Predictive blacklisting to detect phishing attacks. In Proceedings IEEE of the INFOCOM, 2010. New York: IEEE. doi: 10.1109/INFCOM.2010.5462216 Go to original source...
  16. Purkait, S. (2012). Phishing counter measures and their effectiveness - literature review. Information Management & Computer Security, 20(5), 382-420. doi: 10.1108/09685221211286548 Go to original source...
  17. Richardson, R., & North, M. (2017). Ransomware: Evolution, Mitigation and Prevention. International Management Review, 13(1), 10-21.
  18. RSA. (2014). RSA monthly online fraud report. Anti-Fraud Command Center. Retrieved from https://www.rsa.com/content/dam/rsa/PDF/rsa-online-fraud-report-0914.pdf

This is an open access article distributed under the terms of the Creative Commons Attribution 4.0 International License (CC BY 4.0), which permits use, distribution, and reproduction in any medium, provided the original publication is properly cited. No use, distribution or reproduction is permitted which does not comply with these terms.