PhishDump: A multi-model ensemble based technique for the detection of phishing sites in mobile devices

Routhu Srinivasa Rao, Tatti Vaishnavi, Alwyn Roshan Pais

Research output: Contribution to journalArticle

Abstract

Phishing is a technique in which the attackers trick the online users to reveal the sensitive information by creating the phishing sites which look similar to that of legitimate sites. There exist many techniques to detect phishing sites in desktop computers. In recent years, the number of mobile users accessing the web has increased which lead to a rise in the number of attacks in mobile devices. Existing techniques designed for desktop computers may not be suitable for mobile devices due to their hardware limitations such as RAM, Screen size, low computational power etc. In this paper, we propose a mobile application named PhishDump to classify the legitimate and phishing websites in mobile devices. PhishDump is based on the multi-model ensemble of Long Short Term Memory (LSTM) and Support Vector Machine (SVM) classifier. As PhishDump focuses on the extraction of features from URL, it has several advantages over existing works such as fast computation, language independence and robust to accidental download of malwares. From the experimental analysis, we observed that our proposed multi-model ensemble outperformed traditional LSTM character and word-level models. PhishDump performed better than the existing baseline models with an accuracy of 97.30% on our dataset and 98.50% on the benchmark dataset.

Original languageEnglish
Article number101084
JournalPervasive and Mobile Computing
Volume60
DOIs
Publication statusPublished - 01-11-2019
Externally publishedYes

Fingerprint

Multi-model
Mobile devices
Mobile Devices
Ensemble
Memory Term
Personal computers
Websites
Malware
Mobile Applications
Experimental Analysis
Baseline
Support Vector Machine
Random access storage
Classify
Classifier
Attack
Hardware
Benchmark
Support vector machines
Classifiers

All Science Journal Classification (ASJC) codes

  • Computer Science (miscellaneous)
  • Software
  • Information Systems
  • Hardware and Architecture
  • Computer Science Applications
  • Computer Networks and Communications
  • Applied Mathematics

Cite this

@article{4cb0ee1197e341509439c7e81c25fc1a,
title = "PhishDump: A multi-model ensemble based technique for the detection of phishing sites in mobile devices",
abstract = "Phishing is a technique in which the attackers trick the online users to reveal the sensitive information by creating the phishing sites which look similar to that of legitimate sites. There exist many techniques to detect phishing sites in desktop computers. In recent years, the number of mobile users accessing the web has increased which lead to a rise in the number of attacks in mobile devices. Existing techniques designed for desktop computers may not be suitable for mobile devices due to their hardware limitations such as RAM, Screen size, low computational power etc. In this paper, we propose a mobile application named PhishDump to classify the legitimate and phishing websites in mobile devices. PhishDump is based on the multi-model ensemble of Long Short Term Memory (LSTM) and Support Vector Machine (SVM) classifier. As PhishDump focuses on the extraction of features from URL, it has several advantages over existing works such as fast computation, language independence and robust to accidental download of malwares. From the experimental analysis, we observed that our proposed multi-model ensemble outperformed traditional LSTM character and word-level models. PhishDump performed better than the existing baseline models with an accuracy of 97.30{\%} on our dataset and 98.50{\%} on the benchmark dataset.",
author = "Rao, {Routhu Srinivasa} and Tatti Vaishnavi and Pais, {Alwyn Roshan}",
year = "2019",
month = "11",
day = "1",
doi = "10.1016/j.pmcj.2019.101084",
language = "English",
volume = "60",
journal = "Pervasive and Mobile Computing",
issn = "1574-1192",
publisher = "Elsevier",

}

PhishDump : A multi-model ensemble based technique for the detection of phishing sites in mobile devices. / Rao, Routhu Srinivasa; Vaishnavi, Tatti; Pais, Alwyn Roshan.

In: Pervasive and Mobile Computing, Vol. 60, 101084, 01.11.2019.

Research output: Contribution to journalArticle

TY - JOUR

T1 - PhishDump

T2 - A multi-model ensemble based technique for the detection of phishing sites in mobile devices

AU - Rao, Routhu Srinivasa

AU - Vaishnavi, Tatti

AU - Pais, Alwyn Roshan

PY - 2019/11/1

Y1 - 2019/11/1

N2 - Phishing is a technique in which the attackers trick the online users to reveal the sensitive information by creating the phishing sites which look similar to that of legitimate sites. There exist many techniques to detect phishing sites in desktop computers. In recent years, the number of mobile users accessing the web has increased which lead to a rise in the number of attacks in mobile devices. Existing techniques designed for desktop computers may not be suitable for mobile devices due to their hardware limitations such as RAM, Screen size, low computational power etc. In this paper, we propose a mobile application named PhishDump to classify the legitimate and phishing websites in mobile devices. PhishDump is based on the multi-model ensemble of Long Short Term Memory (LSTM) and Support Vector Machine (SVM) classifier. As PhishDump focuses on the extraction of features from URL, it has several advantages over existing works such as fast computation, language independence and robust to accidental download of malwares. From the experimental analysis, we observed that our proposed multi-model ensemble outperformed traditional LSTM character and word-level models. PhishDump performed better than the existing baseline models with an accuracy of 97.30% on our dataset and 98.50% on the benchmark dataset.

AB - Phishing is a technique in which the attackers trick the online users to reveal the sensitive information by creating the phishing sites which look similar to that of legitimate sites. There exist many techniques to detect phishing sites in desktop computers. In recent years, the number of mobile users accessing the web has increased which lead to a rise in the number of attacks in mobile devices. Existing techniques designed for desktop computers may not be suitable for mobile devices due to their hardware limitations such as RAM, Screen size, low computational power etc. In this paper, we propose a mobile application named PhishDump to classify the legitimate and phishing websites in mobile devices. PhishDump is based on the multi-model ensemble of Long Short Term Memory (LSTM) and Support Vector Machine (SVM) classifier. As PhishDump focuses on the extraction of features from URL, it has several advantages over existing works such as fast computation, language independence and robust to accidental download of malwares. From the experimental analysis, we observed that our proposed multi-model ensemble outperformed traditional LSTM character and word-level models. PhishDump performed better than the existing baseline models with an accuracy of 97.30% on our dataset and 98.50% on the benchmark dataset.

UR - http://www.scopus.com/inward/record.url?scp=85072862935&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85072862935&partnerID=8YFLogxK

U2 - 10.1016/j.pmcj.2019.101084

DO - 10.1016/j.pmcj.2019.101084

M3 - Article

AN - SCOPUS:85072862935

VL - 60

JO - Pervasive and Mobile Computing

JF - Pervasive and Mobile Computing

SN - 1574-1192

M1 - 101084

ER -