基於圖像之敏感資訊輸入框檢測架構—用於釣魚網站檢測

Shih-Chun Lin; 林士鈞

請用此 Handle URI 來引用此文件： http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/85223

完整後設資料紀錄

DC 欄位	值	語言
dc.contributor.advisor	林宗男(Tsung-Nan Lin)
dc.contributor.author	Shih-Chun Lin	en
dc.contributor.author	林士鈞	zh_TW
dc.date.accessioned	2023-03-19T22:51:16Z	-
dc.date.copyright	2022-08-05
dc.date.issued	2022
dc.date.submitted	2022-08-01
dc.identifier.citation	S. Abdelnabi, K. Krombholz, and M. Fritz. Visualphishnet: Zero-day phishing website detection by visual similarity. In Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security, pages 1681–1698, 2020. M. A. Adebowale, K. T. Lwin, E. Sanchez, and M. A. Hossain. Intelligent webphishing detection and protection scheme using integrated features of images, frames and text. Expert Systems with Applications, 115:300–313, 2019. K. Althobaiti, G. Rummani, and K. Vaniea. A review of human-and computer-facing url phishing features. In 2019 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), pages 182–191. IEEE, 2019. APWG. Phishing activity trends report - 1st quarter, 2021. A. C. Bahnsen, I. Torroledo, L. D. Camacho, and S. Villegas. Deepphish: simulating malicious ai. In 2018 APWG symposium on electronic crime research (eCrime), pages 1–8, 2018. A. Blum, B. Wardman, T. Solorio, and G. Warner. Lexical feature based phishing url detection using online learning. In Proceedings of the 3rd ACM Workshop on Artificial Intelligence and Security, pages 54–60, 2010. A. S. Bozkir and M. Aydos. Logosense: A companion hog based logo detection scheme for phishing web page and e-mail brand recognition. Computers & Security, 95:101855, 2020. D. Canali, M. Cova, G. Vigna, and C. Kruegel. Prophiler: a fast filter for the largescale detection of malicious web pages. In Proceedings of the 20th international conference on World wide web, pages 197–206, 2011. M. Chawla and S. S. Chouhan. A survey of phishing attack techniques. International Journal of Computer Applications, 93(3), 2014. K.-T. Chen, J.-Y. Chen, C.-R. Huang, and C.-S. Chen. Fighting phishing with discriminative keypoint features. IEEE Internet Computing, 13(3):56–63, 2009. K. L. Chiew, E. H. Chang, W. K. Tiong, et al. Utilisation of website logo for phishing detection. Computers & Security, 54:16–26, 2015. K. L. Chiew, C. L. Tan, K. Wong, K. S. Yong, and W. K. Tiong. A new hybrid ensemble feature selection framework for machine learning-based phishing detection system. Information Sciences, 484:153–166, 2019. M. Dunlop, S. Groat, and D. Shelly. Goldphish: Using images for content-based phishing analysis. In 2010 Fifth international conference on internet monitoring and protection, pages 123–128. IEEE, 2010. A. Y. Fu, L. Wenyin, and X. Deng. Detecting phishing web pages with visual similarity assessment based on earth mover’s distance (emd). IEEE transactions on dependable and secure computing, 3(4):301–311, 2006. R. Gowtham and I. Krishnamurthi. A comprehensive and efficacious architecture for detecting phishing webpages. Computers & Security, 40:23–37, 2014. K. He, X. Zhang, S. Ren, and J. Sun. Deep residual learning for image recognition. In Proceedings of the IEEE conference on computer vision and pattern recognition, pages 770–778, 2016. P. Institute. Cost of data breach report 2021. 2021. M. T. Jafar, M. Al-Fawa＇reh, M. Barhoush, and M. H. Alshira＇H. Enhancеd analysis approach to detect phishing attacks during covid-19 crisis. Cybernetics and Information Technologies, 22(1):60–76, 2022. JaidedAI. Easyocr, 2020. A. K. Jain and B. B. Gupta. Phishing detection: analysis of visual similarity based approaches. Security and Communication Networks, 2017, 2017. A. K. Jain and B. B. Gupta. Detection of phishing attacks in financial and ebanking websites using link and visual similarity relation. International Journal of Information and Computer Security, 10(4):398–417, 2018. A. K. Jain and B. B. Gupta. A machine learning based approach for phishing detection using hyperlinks information. Journal of Ambient Intelligence and Humanized Computing, 10(5):2015–2028, 2019. G. Ke, Q. Meng, T. Finley, T. Wang, W. Chen, W. Ma, Q. Ye, and T.-Y. Liu. Lightgbm: A highly efficient gradient boosting decision tree. Advances in neural information processing systems, 30:3146–3154, 2017. H. Le, Q. Pham, D. Sahoo, and S. C. Hoi. Urlnet: Learning a url representation with deep learning for malicious url detection. arXiv preprint arXiv:1802.03162, 2018. S.-C. Lin, P.-C. Wu, H.-Y. Chen, T. Morikawa, T. Takahashi, and T.-N. Lin. Senseinput: An image-based sensitive input detection scheme for phishing website detection. In ICC 2022-IEEE International Conference on Communications, pages 1–7. IEEE, 2022. T.-Y. Lin, P. Dollár, R. Girshick, K. He, B. Hariharan, and S. Belongie. Feature pyramid networks for object detection. In Proceedings of the IEEE conference on computer vision and pattern recognition, pages 2117–2125, 2017. Y. Lin, R. Liu, D. M. Divakaran, J. Y. Ng, Q. Z. Chan, Y. Lu, Y. Si, F. Zhang, and J. S. Dong. Phishpedia: a hybrid deep learning based approach to visually identify phishing webpages. In 30th USENIX Security Symposium (USENIX Security 21), pages 3793–3810, 2021. W. Liu, X. Deng, G. Huang, and A. Y. Fu. An antiphishing strategy based on visual similarity assessment. IEEE Internet Computing, 10(2):58–65, 2006. J. Mao, W. Tian, P. Li, T. Wei, and Z. Liang. Phishing-alarm: robust and efficient phishing detection via page component similarity. IEEE Access, 5:17020–17030, 2017. S. Marchal, K. Saari, N. Singh, and N. Asokan. Know your phish: Novel techniques for detecting phishing sites and their targets. In 2016 IEEE 36th International Conference on Distributed Computing Systems (ICDCS), pages 323–333. IEEE, 2016. E. Medvet, E. Kirda, and C. Kruegel. Visual-similarity-based phishing detection. In Proceedings of the 4th international conference on Security and privacy in communication netowrks, pages 1–6, 2008. MITRE. Initial access, 2021. E. Mityukov, A. Zatonsky, P. Plekhov, and N. Bilfeld. Phishing detection model using the hybrid approach to data protection in industrial control system. In IOP Conference Series: Materials Science and Engineering, volume 537, page 052014. IOP Publishing, 2019. R. M. Mohammad, F. Thabtah, and L. McCluskey. Tutorial and critical analysis of phishing websites methods. Computer Science Review, 17:1–24, 2015. F. Pedregosa, G. Varoquaux, A. Gramfort, V. Michel, B. Thirion, O. Grisel, M. Blondel, P. Prettenhofer, R. Weiss, V. Dubourg, et al. Scikit-learn: Machine learning in python. the Journal of machine Learning research, 12:2825–2830, 2011. R. S. Rao, T. Vaishnavi, and A. R. Pais. Catchphish: detection of phishing websites by inspecting urls. Journal of Ambient Intelligence and Humanized Computing, 11(2):813–825, 2020. S. Ren, K. He, R. Girshick, and J. Sun. Faster r-cnn: Towards real-time object detection with region proposal networks. Advances in neural information processing systems, 28:91–99, 2015. A. P. Rosiello, E. Kirda, F. Ferrandi, et al. A layout-similarity-based approach for detecting phishing pages. In 2007 Third International Conference on Security and Privacy in Communications Networks and the Workshops-SecureComm 2007, pages 454–463. IEEE, 2007. O. K. Sahingoz, E. Buber, O. Demir, and B. Diri. Machine learning based phishing detection from urls. Expert Systems with Applications, 117:345–357, 2019. D. Sahoo, C. Liu, and S. C. Hoi. Malicious url detection using machine learning: A survey. arXiv preprint arXiv:1701.07179, 2017. M. Sameen, K. Han, and S. O. Hwang. Phishhaven—an efficient real-time ai phishing urls detection system. IEEE Access, 8:83425–83443, 2020. H. Shirazi, B. Bezawada, and I. Ray. ” kn0w thy doma1n name” unbiased phishing detection using domain name based features. In Proceedings of the 23nd ACM on Symposium on Access Control Models and Technologies, pages 69–75, 2018. C. L. Tan, K. L. Chiew, K. Wong, et al. Phishwho: Phishing webpage detection via identity keywords extraction and target domain name finder. Decision Support Systems, 88:18–27, 2016. K. Thomas, F. Li, A. Zand, J. Barrett, J. Ranieri, L. Invernizzi, Y. Markov, O. Comanescu, V. Eranti, A. Moscicki, et al. Data breaches, phishing, or malware? understanding the risks of stolen credentials. In Proceedings of the 2017 ACM SIGSAC conference on computer and communications security, pages 1421–1434, 2017. K. Tian, S. T. Jan, H. Hu, D. Yao, and G. Wang. Needle in a haystack: Tracking down elite phishing domains in the wild. In Proceedings of the Internet Measurement Conference 2018, pages 429–442, 2018. Verizon. 2021 data breach investigations report (dbir). 2021. Verizon. 2022 data breach investigations report (dbir). 2022. D. Y. Weider, S. Nargundkar, and N. Tiruthani. A phishing vulnerability analysis of web based systems. In 2008 IEEE Symposium on Computers and Communications, pages 326–331. IEEE, 2008. G. Xiang, J. Hong, C. P. Rose, and L. Cranor. Cantina+ a feature-rich machine learning framework for detecting phishing web sites. ACM Transactions on Information and System Security (TISSEC), 14(2):1–28, 2011. H. Zhang, G. Liu, T. W. Chow, and W. Liu. Textual and visual content-based antiphishing: a bayesian approach. IEEE transactions on neural networks, 22(10):1532– 1546, 2011. W. Zhang, Q. Jiang, L. Chen, and C. Li. Two-stage elm for phishing web pages detection using hybrid features. World Wide Web, 20(4):797–813, 2017. Y. Zhang, J. I. Hong, and L. F. Cranor. Cantina: a content-based approach to detecting phishing web sites. In Proceedings of the 16th international conference on World Wide Web, pages 639–648, 2007.
dc.identifier.uri	http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/85223	-
dc.description.abstract	隨著釣魚網站近年來的演變，網路釣魚持續對網際網路造成威脅。先前有許多相關研究致力於提取有用的特徵，並專注於釣魚網站的必要組成元件，其中一個必要組成元件是與敏感訊息相關之敏感輸入框。然而，由於網頁設計種類繁多，檢測網頁是否存在敏感輸入並非易事。一些先前的研究提供了基於規則的方法，從 HTML 程式碼檢測含有敏感輸入框的登入表單。但是，新型釣魚網站會根據檢測規則修改 HTML 程式碼，導致檢測的準確度降低。為了克服先前研究的侷限性，我們提出一個架構 SenseInput，混合了不同深度學習模型，從網頁截圖檢測是否含有敏感輸入框與敏感訊息，因為釣魚網站最終會在視覺內容中呈現敏感輸入框。在我們蒐集的資料集和公開資料集 Phishpedia Phish30K 上，SenseInput 的敏感輸入框偵測分別達到 96.94% 與 96.73% f1-score。接著，我們使用 22 個特徵進行網路釣魚檢測，其中包含本研究提出的 7 個統計特徵和 2 個敏感輸入特徵。實驗結果表明，我們的釣魚偵測方法分別在驗證資料集與 Phishpedia 資料集上達到 98.48% 與 95.87% f1-score，兩者皆勝過之前相關研究的方法。最後，我們研究敏感輸入特徵對於釣魚網站偵測之影響，實驗結果表明，我們的敏感輸入特徵比過往基於規則偵測出的登錄表單更有效。此外，實驗還表明，我們提出的敏感輸入特徵可以減少不同資料集間之偏差影響。	zh_TW
dc.description.abstract	Phishing has persistently posed threats to the World Wide Web as phishing websites evolve over these years. Many previous works were devoted to extracting useful features and focused on the essential components of phishing websites. One of the essential components is sensitive inputs which require sensitive information. Yet, due to a large variety of web designs, detecting the existence of sensitive inputs is not trivial. Some previous works have provided rule-based approaches to detect login forms, which contain sensitive inputs, using HTML codes. However, the novel phishing websites modify HTML codes against the detection rules, which causes less accurate detection. To overcome the limitation of previous works, we proposed SenseInput using hybrid deep learning models to detect the existence of sensitive inputs and sensitive information because phishing websites eventually present sensitive inputs in their visual content. SenseInput achieved 96.94% f1-score for sensitive input detection on our dataset and 96.73% f1-score on a public dataset, Phishpedia Phish30K. Next, we used 22 features involving the proposed seven statistical features and two sensitive input features for phishing detection. The experiment shows that our approach achieves 98.48% and 95.87% f1-score on our validation and Phishpedia datasets, outperforming previous approaches. Finally, we investigated the influence of sensitive input features. The result shows that our sensitive input features are more effective than the rule-based login form. Besides, the experiment also indicates that proposed sensitive input features can reduce the impact of bias between different datasets.	en
dc.description.provenance	Made available in DSpace on 2023-03-19T22:51:16Z (GMT). No. of bitstreams: 1 U0001-2707202222074100.pdf: 1628554 bytes, checksum: a0adeeacc63fe4857072b2bae0193299 (MD5) Previous issue date: 2022	en
dc.description.tableofcontents	Acknowledgements i 摘要 iii Abstract v Contents vii List of Figures ix List of Tables xi Chapter 1 Introduction 1 Chapter 2 Related Works 7 2.1 URL-Based and HTML-Based Approaches . . . . . . . . . . . . . . 7 2.2 Image-based Approach . . . . . . . . . . . . . . . . . . . . . . . . . 8 Chapter 3 Proposed Method 11 3.1 Sensitive Input Detection . . . . . . . . . . . . . . . . . . . . . . . . 13 3.2 Sensitive Information Recognition . . . . . . . . . . . . . . . . . . . 15 3.3 Statistical URL and HTML Features . . . . . . . . . . . . . . . . . . 16 3.4 Machine Learning Classifiers . . . . . . . . . . . . . . . . . . . . . 19 Chapter 4 Experiment 21 4.1 Dataset . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 4.2 Evaluation Metrics . . . . . . . . . . . . . . . . . . . . . . . . . . . 22 4.3 Evaluation of Sensitive Input Detection . . . . . . . . . . . . . . . . 24 4.4 Evaluation of Sensitive Information Recognition . . . . . . . . . . . 25 4.5 Evaluation of Phishing Detection . . . . . . . . . . . . . . . . . . . 27 4.6 Additional Evaluation with Different Classifiers . . . . . . . . . . . 30 4.7 Time Evaluation . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30 Chapter 5 Conclusion 35 References 37
dc.language.iso	en
dc.subject	機器學習	zh_TW
dc.subject	釣魚偵測	zh_TW
dc.subject	電腦視覺	zh_TW
dc.subject	物件偵測	zh_TW
dc.subject	Object Detection	en
dc.subject	Machine Learning	en
dc.subject	Computer Vision	en
dc.subject	Phishing Detection	en
dc.title	基於圖像之敏感資訊輸入框檢測架構—用於釣魚網站檢測	zh_TW
dc.title	SenseInput: An Image-Based Sensitive Input Detection Scheme for Phishing Website Detection	en
dc.type	Thesis
dc.date.schoolyear	110-2
dc.description.degree	碩士
dc.contributor.author-orcid	0000-0001-8845-2148
dc.contributor.oralexamcommittee	鄧惟中(Wei-Chung Teng),陳俊良(Jiann-Liang Chen),蔡子傑(Tzu-Chieh Tsai)
dc.subject.keyword	釣魚偵測,電腦視覺,物件偵測,機器學習,	zh_TW
dc.subject.keyword	Phishing Detection,Computer Vision,Object Detection,Machine Learning,	en
dc.relation.page	43
dc.identifier.doi	10.6342/NTU202201802
dc.rights.note	同意授權(限校園內公開)
dc.date.accepted	2022-08-02
dc.contributor.author-college	電機資訊學院	zh_TW
dc.contributor.author-dept	電信工程學研究所	zh_TW
dc.date.embargo-lift	2022-08-05	-
顯示於系所單位：	電信工程學研究所

文件中的檔案：

檔案	大小	格式
U0001-2707202222074100.pdf 授權僅限NTU校內IP使用（校園外請利用VPN校外連線服務）	1.59 MB	Adobe PDF

顯示文件簡單紀錄

系統中的文件，除了特別指名其著作權條款之外，均受到著作權保護，並且保留所有的權利。