earticle

영어

Phishing is an online theft of sensitive information that swindles innocent users into disclosing private information such as user names, passwords, and credit card numbers. The reported number of phishing attacks is growing daily, hence, the loss of the resulting damages are escalating. As a result, there is an urgent need for anti-phishing solutions that is arisen by researchers as well as the IT industry worldwide. Although a number of solutions to mitigate phishing attacks have been proposed, yet they still suffer from high false positive and negative results as well as questioning the feasibility of their implementation. In this work, we propose a system for client-side defenses such as browser plug-ins and classification techniques that are adopted in such detection scenarios. The system inspects the HTML pages as an annotated document represented or embedded in XHTML format using RDF annotations. While the proposed solution has been tested using real sites acquired from the World Wide Web and government agencies concerned on the problem , the method has a better detection accuracy that reaches 96% while false positive rate decreased to 4%. The results show a promising findings in the area of phishing detection that requires hand-in-hand collaboration between various banking branches and the country’s central or authorized bank. Additionally, the system notifies the corresponding bank about the phishing web sites, and the bank in turn notifies its clients.