TY - JOUR
T1 - Phishing and Spoofing Websites
T2 - Detection and Countermeasures
AU - Lai, Wee Liem
AU - Goh, Vik Tor
AU - Yap, Timothy Tzen Vun
AU - Ng, Hu
N1 - Funding Information:
ACKNOWLEDGMENT We sincerely appreciate and express gratitude for financial support from the Ministry of Higher Education, Malaysia, under the Fundamental Research Grant Scheme with grant number FRGS/1/2022/ICT07/MMU/03/1.
Publisher Copyright:
© (2023), All Rights Reserved.
PY - 2023/10/31
Y1 - 2023/10/31
N2 - Website phishing and spoofing occur when unsuspecting users are tricked into interacting with a fraudulent website designed to impersonate a legitimate one. This is done with the intention of stealing login credentials or other personal information. The goal of this project is to develop a multi-layered URL-based malicious website detection system to counter such attacks. The proposed system employs several defence mechanisms, including whitelist filtering, API requests to domain blacklist providers, and string comparison algorithms, to accurately identify and classify websites as either legitimate or malicious. In brief, the first layer provides an initial check by matching the domain of the intended website with a predefined whitelist, while the second layer queries APIVoid (a domain blacklist provider) to conduct additional checks for domain age and reputation. Finally, to prevent typographical errors that could unintentionally redirect users to a malicious website, the last layer compares the domain of the intended website with entries in the whitelist to identify any significant similarities using the Levenshtein distance algorithm. To evaluate the system's performance, a comprehensive testing phase was conducted on a dataset containing 30 randomly selected websites, encompassing various scenarios of malicious and legitimate websites. The results show a high true positive rate of 0.94 and an overall accuracy of 0.93, indicating the system's ability to accurately classify legitimate and malicious websites. The proposed system shows promising results in accurately classifying websites and enhancing user awareness to prevent phishing and spoofing attacks.
AB - Website phishing and spoofing occur when unsuspecting users are tricked into interacting with a fraudulent website designed to impersonate a legitimate one. This is done with the intention of stealing login credentials or other personal information. The goal of this project is to develop a multi-layered URL-based malicious website detection system to counter such attacks. The proposed system employs several defence mechanisms, including whitelist filtering, API requests to domain blacklist providers, and string comparison algorithms, to accurately identify and classify websites as either legitimate or malicious. In brief, the first layer provides an initial check by matching the domain of the intended website with a predefined whitelist, while the second layer queries APIVoid (a domain blacklist provider) to conduct additional checks for domain age and reputation. Finally, to prevent typographical errors that could unintentionally redirect users to a malicious website, the last layer compares the domain of the intended website with entries in the whitelist to identify any significant similarities using the Levenshtein distance algorithm. To evaluate the system's performance, a comprehensive testing phase was conducted on a dataset containing 30 randomly selected websites, encompassing various scenarios of malicious and legitimate websites. The results show a high true positive rate of 0.94 and an overall accuracy of 0.93, indicating the system's ability to accurately classify legitimate and malicious websites. The proposed system shows promising results in accurately classifying websites and enhancing user awareness to prevent phishing and spoofing attacks.
KW - domain name spoofing
KW - multilayer malicious website detection model
KW - Phishing attacks
KW - user alert system
UR - http://www.scopus.com/inward/record.url?scp=85175093391&partnerID=8YFLogxK
U2 - 10.18517/ijaseit.13.5.19037
DO - 10.18517/ijaseit.13.5.19037
M3 - Article
AN - SCOPUS:85175093391
SN - 2088-5334
VL - 13
SP - 1672
EP - 1678
JO - International Journal on Advanced Science, Engineering and Information Technology
JF - International Journal on Advanced Science, Engineering and Information Technology
IS - 5
ER -