References - A Machine Learning Approach to Phishing Detection and Defense (2015)

A Machine Learning Approach to Phishing Detection and Defense (2015)


A.-P.W.G., 2010. Global phishing survey: domain name use and trends in 2h2010.

Abbasi A, Chen H. Detecting fake escrow websites using rich fraud cues and kernel based methods. Proceedings of the 17th Workshop on Information Technologies and Systems. 2007:55–60.

Abbasi A, Chen H. A comparison of fraud cues and classification methods for fake escrow website detection. Inform. Technol. Manage. 2009;10:83–101.

Abbasi A, Chen H. A comparison of tools for detecting fake websites. Computer. 2009;42:78–86.

Abbasi A, Zahedi FM, Kaza S. Detecting fake medical websites using recursive trust labeling. ACM Trans. Inform. Syst. 2012;30(4):22.

Abbasi A, Zhang Z, Zimbra D, Chen H, Nunamaker Jr JF. Detecting fake websites: the contribution of statistical learning theory. MIS quart. 2010;34:435.

Aburrous, M., Hossain, M.A., Thabatah, F. Dahal, K. Intelligent phishing website detection system using fuzzy techniques. Information and Communication Technologies: From Theory to Applications, 2008. ICTTA 2008. 3rd International Conference on, 2008. IEEE, 1–6.

Afroz, S., Greenstadt, R., 2009. Phishzoo: an automated web phishing detection approach based on profiling and fuzzy matching. Technical Report DU-CS-09-03, Drexel University.

Afroz S, Greenstadt R. Phishzoo: detecting phishing websites by looking at them. Semantic Computing (ICSC), 2011 Fifth IEEE International Conference on, 2011. IEEE. 2011:368–375.

Airoldi E, Malin B. Data mining challenges for electronic safety: the case of fraudulent intent detection in e-mails. Proceedings of the workshop on privacy and security aspects of data mining. 2004:57–66.

Akthar, F., Hahne, C., 2012. RapidMiner 5: Operator Reference. Rapid-I GmbH.

Al Shalabi L, Shaaban Z. Normalization as a preprocessing engine for data mining and the approach of preference matrix. Dependability of Computer Systems, 2006. DepCos-RELCOMEX’06. International Conference on, 2006. IEEE. 2006:207–214.

Alnajim A, Munro M. An Approach to the Implementation of the Anti-Phishing Tool for Phishing Websites Detection. Intelligent Networking and Collaborative Systems, 2009. INCOS’09. International Conference on, 2009. IEEE. 2009:105–112.

Anewalt K, Ackermann E. Open source, freeware, and shareware resources for web programming: tutorial presentation. J. Comput. Sci. CollegeV 20. 2005:198–200.

Atighetchi M, Pal P. Attribute-based prevention of phishing attacks. Network Computing and Applications, 2009. NCA 2009. Eighth IEEE International Symposium on, 2009. IEEE. 2009:266–269.

Basnet R, Mukkamala S, Sung A. Detection of phishing attacks: a machine learning approach. Soft Comput. Appl. Indust. 2008:373–383.

Basnet RB, Sung AH, Liu Q. Rule-Based Phishing Attack Detection. International Conference on Security and Management (SAM 2011). Las Vegas, NV. 2011.

Berend D, Paroush J. When is Condorcet’s Jury Theorem valid? Soc. Choice Welfare. 1998;15:481–488.

Chen J, Guo C. Online detection and prevention of phishing attacks. Communications and Networking in China, 2006. ChinaCom’06. First International Conference on, 2006. IEEE. 2006:1–7.

Chen KT, Chen JY, Huang CR, Chen CS. Fighting phishing with discriminative keypoint features. IEEE Internet Computing. 2009;13:56–63.

Chou N, Ledesma R, Teraguchi Y, Boneh D, Mitchell JC. Client-side defense against web-based identity theft. San Diego, USA: 11th Annual Network and Distributed System Security Symposium (NDSS’04); 2004.

Chua CEH, Wareham J. Fighting internet auction fraud: an assessment and proposal. Computer. 2004;37:31–37.

Cios KJ, Pedrycz W, Swiniarsk R. Data mining methods for knowledge discovery. IEEE T. Neural Networks. 1998;9:1533–1534.

Close, T. 2009. Waterken YURL: trust management for humans (2003). Last visit on May, 30.

Dhamija R, Tygar J. Phish and hips: human interactive proofs to detect phishing attacks. HIP. 2005:69–83.

Dhamija R, Tygar JD. The battle against phishing: dynamic security skins. ACM International Conference Proceeding Series. 2005:77–88.

Dhamija R, Tygar JD, Hearst M. Why phishing works. Proceedings of the SIGCHI conference on Human Factors in computing systems. ACM; 2006:581–590.

Dinev T. Why spoofing is serious internet fraud. Communications of the ACM. 2006;49:76–82.

Dunlop M, Groat S, Shelly D. GoldPhish: Using Images for Content-Based Phishing Analysis. Internet Monitoring and Protection (ICIMP), 2010 Fifth International Conference on, 2010. IEEE. 2010:123–128.

Elkan C, Noto K. Learning classifiers from only positive and unlabeled data. Proceedings of the 14th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM. 2008:213–220.

Fahmy HMA, Ghoneim SA. PhishBlock: A hybrid anti-phishing tool. Communications, Computing and Control Applications (CCCA), 2011 International Conference on, 2011. IEEE. 2011:1–5.

Fette I, Sadeh N, Tomasic A. Learning to detect phishing emails. Proceedings of the 16th international conference on World Wide Web. ACM; 2007:649–656.

Fu AY, Wenyin L, Deng X. Detecting phishing web pages with visual similarity assessment based on earth mover’s distance (EMD). IEEE T. Depend. Secure. 2006;3:301–311.

Gabber E, Gibbons PB, Kristol DM, Matias Y, Mayer A. Consistent, yet anonymous, Web access with LPWA. Commun. ACM. 1999;42:42–47.

Garera S, Provos N, Chew M, Rubin AD. A framework for detection and measurement of phishing attacks. Proceedings of the 2007 ACM workshop on Recurring malcode. ACM; 2007:1–8.

Gaurav, Madhuresh M, Anurag J. Anti-phishing techniques: a review. IJERA. 2012;2:350–355.

Hall M, Frank E, Holmes G, Pfahringer B, Reutemann P, Witten IH. The WEKA data mining software: an update. ACM SIGKDD Explor. Newsl. 2009;11:10–18.

Hariharan P, Asgharpour F, Camp LJ. Nettrust – recommendation system for embedding trust in a virtual realm. Proceedings of the ACM Conference on Recommender Systems. Citeseer; 2007.

Herzberg, A., Gbara, A., 2004. Trustbar: Protecting (even naive) web users from spoofing and phishing attacks. Computer Science Department Bar Ilan University, 6.

Herzberg A, Jbara A. Security and identification indicators for browsers against spoofing and phishing attacks. ACM T. Internet Techn. 2008;8:1–36.

Huang H, Qian L, Wang Y. A SVM-based technique to detect phishing URLs. Inform. Technol. J. 2012;11:921–925.

Jamieson R, Wee LAND LP, Winchester D, Stephens G, Steel A, Maurushat A, Sarre R. Addressing identity crime in crime management information systems: definitions, classification, and empirics. CLSR. 2012;28:381–395.

Ji C, Ma S. Combinations of weak classifiers. IEEE T. Neural Networks. 1997;8:32–42.

Jiawei, H., Kamber, M., 2001. Data Mining: Concepts and Techniques. Morgan Kaufmann, San Francisco, CA, 5.

Kim H, Huh J. Detecting DNS-poisoning-based phishing attacks from their network performance characteristics. Electron. Lett. 2011;47:656–658.

Kittler J, Hatef M, Duin RPW, Matas J. On combining classifiers. IEEE T. Pattern Anal. 1998;20:226–239.

Kristol, D. M., Gabber, E., Gibbons, P. B., Matias, Y. and Mayer, A. 1998. Design and implementation of the Lucent Personalized Web Assistant.(LPWA).

Kumaraguru P, Rhee Y, Acquisti A, Cranor LF, Hong J, Nunge E. Protecting people from phishing: the design and evaluation of an embedded training email system. Proceedings of the SIGCHI conference on Human factors in computing systems. ACM; 2007:905–914.

Lam L, Suen S. Application of majority voting to pattern recognition: An analysis of its behavior and performance. IEEE Trans. Syst., Man, Cybern. A, Syst., Humans. 1997;27:553–568.

Levy E. Criminals become tech savvy. IEEE Secur. Priv. 2004;2:65–68.

Li L, Helenius M. Usability evaluation of anti-phishing toolbars. JICV. 2007;3:163–184.

Liu G, Qiu B, Wenyin L. Automatic Detection of Phishing Target from Phishing Webpage. Pattern Recognition (ICPR), 2010 20th International Conference on, 2010. IEEE. 2010:4153–4156.

Liu W, Deng X, Huang G, Fu AY. An antiphishing strategy based on visual similarity assessment. IEEE Internet Comput. 2006;10:58–65.

Ma J, Saul LK, Savage S, Voelker GM. Identifying suspicious URLs: an application of large-scale online learning. Proceedings of the 26th Annual International Conference on Machine Learning. ACM; 2009:681–688.

Martin A, Anutthamaa N, Sathyavathy M, Francois MMS, Venkatesan DVP. A Framework for Predicting Phishing Websites Using Neural Networks. CoRR. 2011:1074.

Miyamoto D, Hazeyama H, Kadobayashi Y. SPS: a simple filtering algorithm to thwart phishing attacks. Lect. Notes Comput. Sc. 2005:195–209.

Miyamoto D, Hazeyama H, Kadobayashi Y. A proposal of the AdaBoost-based detection of phishing sites. Proceedings of the Joint Workshop on Information Security. 2007.

Moore T, Clayton R. Examining the impact of website take-down on phishing. Proceedings of the anti-phishing working groups 2nd annual eCrime researchers summit. ACM; 2007:1–13.

OpenDNS, L. L. C. PhishTank: an Anti-phishing Site

Parker J. Voting methods for multiple autonomous agents. Intelligent Information Systems, 1995. ANZIIS-95. Proceedings of the Third Australian and New Zealand Conference on, 1995. IEEE. 1995:128–133.

Provos N, Mcclain J, Wang K. Search worms. Proceedings of the 4th ACM workshop on Recurring malcode. ACM; 2006:1–8.

Rahman A, Alam H, Fairhurst M. Multiple classifier combination for character recognition: Revisiting the majority voting system and its variations. Lect. Notes Comput. Sc. 2002:167–178.

Rokach L. Ensemble-based classifiers. Artif. Intell. Rev. 2010;33:1–39.

Ronda T, Saroiu S, Wolman A. Itrustpage: a user-assisted anti-phishing tool. ACM SIGOPS Operating Systems Review. ACM; 2008:261–272.

Ross B, Jackson C, Miyake N, Boneh D, Mitchell JC. A browser plug-in solution to the unique password problem. Proceedings of the 14th Usenix Security Symposium. 2005.

RSA. Phishing special report: What we can expect for 2007? White Paper. 2006.

Ruta D, Gabrys B. An overview of classifier fusion methods. Comput. Inform. Syst. 2000;7:1–10.

Saberi A, Vahidi M, Bidgoli BM. Learn to Detect Phishing Scams Using Learning and Ensemble? Methods. Web Intelligence and Intelligent Agent Technology Workshops, 2007 IEEE/WIC/ACM International Conferences on, 2007. IEEE. 2007:311–314.

Schneider, F., Provos, N., Moll, R., Chew, M., Rakowski, B., 2009. Phishing protection: design documentation.

See Ng G, Singh H. Democracy in pattern classifications: combinations of votes from various pattern classifiers. Artif. Intell. Eng. 1998;12:189–204.

Shreeram V, Suban M, Shanthi P, Manjula K. Anti-phishing detection of phishing attacks using genetic algorithm. Communication Control and Computing Technologies (ICCCCT), 2010 IEEE International Conference on, 2010. IEEE. 2010:447–450.

Stajniak A, Szostakowski J, Skoneczny S. Mixed neural-traditional classifier for character recognition. Advanced Imaging and Network Technologies. Int. Soc. Optics Photonics. 1997:102–110.

Suen CY, Nadal C, Legault R, Mai TA, Lam L. Computer recognition of unconstrained handwritten numerals. IEEE Proc. 1992;80:1162–1180.

Todhunter I. History of the Mathematical Theory of Probability from the time of Pascal to that of Laplace. Macmillan and Company; 1865.

Toolan F, Carthy J. Phishing detection using classifier ensembles. eCrime Researchers Summit, 2009. eCRIME’09., 2009. IEEE. 2009:1–9.

Topkara M, Kamra A, Atallah M, Nita-Rotaru C. Viwid: Visible watermarking based defense against phishing. Digital Watermarking. 2005:470–483.

Tout H, Hafner W. Phishpin: An identity-based anti-phishing approach. Computational Science and Engineering, 2009. CSE’09. International Conference on, 2009. IEEE. 2009:347–352.

Whittaker C, Ryner B, Nazif M. Large-scale automatic classification of phishing pages. Proc. of 17th NDSS. 2010.

Willis P. Fake anti-virus software catches 43 million users’ credit cards. Digital J. 2009.

Wu M, Miller RC, Garfinkel SL. Do security toolbars actually prevent phishing attacks? Proceedings of the SIGCHI conference on Human Factors in computing systems. ACM; 2006:601–610.

Xiang G, Hong JI. A hybrid phish detection approach by identity discovery and keywords retrieval. Proceedings of the 18th international conference on World wide web. ACM; 2009:571–580.

Ye ZE, Smith S, Anthony D. Trusted paths for browsers. ACM T. Inform. Syst. Secur. 2005;8:153–186.

Zdziarski J, Yang W, Judge P. Approaches to Phishing Identification using Match and Probabilistic Digital Fingerprinting Techniques. Proc. MIT Spam Conf. 2006:1115–1122.

Zhang J, Ou Y, Li D, Xin Y. A prior-based transfer learning method for the phishing detection. J. Networks. 2012;7:1201–1207.

Zhang Y, Egelman S, Cranor L, Hong J. Phinding Phish: Evaluating Anti-Phishing Tools. ISOC; 2006.

Zhang Y, Hong JI, Cranor LF. Cantina: a content-based approach to detecting phishing web sites. Proceedings of the 16th international conference on World Wide Web. ACM; 2007:639–648.

Zhuang W, Jiang Q, Xiong T. An Intelligent Anti-phishing Strategy Model for Phishing Website Detection. Distributed Computing Systems Workshops (ICDCSW), 2012 32nd International Conference on, 2012. IEEE. 2012:51–56.