| Social engineering attack is a new type of network attack emerged in recent years,which used by hackers through human weaknesses to carry out network attacks.The attack using social engineering methods have shown an upward trend or even a flood in recent years.Above this,phishing emails is one of the main forms of the social engineering attack.So,it has great significance to research phishing emails detection technology.Based on the research of email,this paper makes a deep research on the attack mode and attack process of phishing emails,and analyzes the commonly camouflage methods used in phishing emails,which lays the foundation for the detection of phishing emails.In this paper,in-depth analysis of phishing emails detection methods at home and abroad is carried out,which researched the features in the method and the masquerading methods in phishing emails.The features in phishing emails detection are mainly divided into four categories,which are the email header features,the email body features,the email link features,and the email script features.It is difficult to disguise the link-related features,and recent studies have shown that phishing emails use psychological weakness to increase the probability of successful fishing,so there are some related psychological words in phishing emails.This paper innovates a new phishing emails detection method based on link and psychology features.Link-related features in the method are from the traditional phishing emails detection methods.Psychological features used in the method are some psychological features in LIWC mental dictionary.The extraction of psychological features are improved to count the relative number of occurrence of words related to psychological features in the text,to counteract the influence of text length.Simulations are performed to verify the effectiveness of this method in phishing emails detection.On this basis,the phishing emails detection system in this paper has been designed and implemented in detail,and the features and classification algorithms used by the system are selected.The various parts of the system from the emails preprocessing module?the classifier model?updating module and the mail detection module have been detailed designed and finally combined to achieve the implementation of the entire system.Through systematic testing,the results prove that the system can effectively detect phishing emails,and the added psychological characteristics and the improvement of psychological features scores are also effective.The entire system of phishing emails detection accuracy can reach to an extremely high level,and provide a strong guarantee to defend phishing emails attacks. |
PDF Full Text Request