An Anti-Phishing Kit Scheme for Secure Web Transactions

In this work, an anti-phishing approach was proposed against phishing pages generated by phishing kits. The architecture consists of a Sorter Module (SM) and Signature Detection Module (SDM). The SM is used to separate pages with login attributes and obfuscated scripts from other pages within the system. These sorted pages are fed into the SDM, where the signature of the suspicious page is generated. In SDM, a two-tier classifier is employed to generate phishing label based on signature analysis. Experimental results of the approach indicated a detection accuracy of 100% on specific phishing kit-generated sites and 98% on general phishing/legitimate data. To determine the detection time of the approach, latency analysis of the system was performed. The results indicated a latency 0.3s and standard deviation of 0.367s for the various operations performed by the system during detection. Thus, the approach effectively detects phishing pages by using ` fingerprints' from phishing kits.