Research On Phishing Websites Detection Based On Neural Networks

The explosive increase in the number of Internet users caused by the information age has not only injected new impetus into the world's economic growth,but also brought profit for malicious hackers.As one of the social engineering attacks,phishing makes use of the weakness of human nature to commit crimes by forging its identity,and gradually becomes an online attack form with the most serious economic harm and the most combination with other attack means among various Internet frauds.Although network security personnel have put forward a series of methods to detect phishing websites,it is more difficult for traditional methods to extract features of new phishing websites due to the continuous development of phishing website concealment means.The appearance of neural network makes it possible to extract visual features with high precision,so that the way of feature extraction can extract both the features from server files and the features from images seen by a natural person.It is becoming a new hot issue in the detection research of phishing website on how to remove the hidden barrier of phishing websites and achieve the transcendence in which "while the priest climbs a post,the devil climbs ten" on the phishing website detection road with the help of the emerging neural network technology.We proposed a phishing website detection method where feature extraction based on neural networks is combined with heuristic rule and search engines for judgment.In the context of anonymity of phishing websites,the research on the phishing website detection method was taken from feature extraction and pre-processing,website identification traceability,web-page filtering and phishing suspicion judgment,to make some achievements on the anonymity avoidance and detection of phishing websites.The innovation and research are mainly shown below:(1)Taking neutral networks extracting text features as basis,we proposed to use colorfulness,text location and size,and other features to determine key words identifying phishing websites,established 4 layers of cascading matching rules of identification key words.Compared with conventional methods which use TF-IDF or location to determine identification key words,the method proposed has an accuracy of identification key words by 2%.(2)By introducing Shodan network cyberspace security engines,we proposed a dual-traceability mechanism based on identification key words and favicon icons.At the pending phase of introducing “websites without direct phishing risks”,the first round of traceability dominated by identification key words was combined with the second round by favicon hash,to compensate for each other and enhance performance.(3)We proposed the NNIS phishing website detection method,which consists of image feature extraction based on neutral networks,identification key works traceability based on image features,and phishing website judgment based on search engines and heuristic rules.Finally,the accuracy reaches 98%,which matches well the Matthew's Correlation Coefficient of 0.9602.