Detecting Fake Websites Using Swarm Intelligence Mechanism in Human Learning

Authors

1 Department of Computer Engineering, Kerman branch, Islamic Azad University, Kerman, Iran

2 Department of Computer Engineering, Bardsir branch, Islamic Azad University, Bardsir, Iran

Abstract

The internet and its various services have made users to easily communicate with each other. Internet benefits including online business and e-commerce. E-commerce has boosted online sales and online auction types. Despite their many uses and benefits, the internet and their services have various challenges, such as information theft, which challenges the use of these services. Information theft or phishing attacks are internet attacks that are major approach to success it is social engineering that the phisher has used. In these types of attacks, the attacker deceives the users and steals their valuable information by using a fake website that looks like real websites. The damage caused by fake websites and phishing attacks is so high that researchers are trying to identify these types of websites in different ways. So far, various methods have been developed to identify phishing web sites which most of them based on data- mining and learning machine are trying to identify these malicious websites. Artificial neural network is a data-mining method for identifying phishing websites which is used in most studies; however the error rate of this can be significant in detecting these websites, so learning-based optimization algorithm is used as a Swarm intelligence algorithm to reduce its error. In the proposed method, the error rate of multi-layer artificial neural network in detecting phishing websites is considered as a target function which minimized by using learning-based optimization algorithm. In the proposed method, learning- based optimization algorithm selects weights and bias of multi-layer artificial neural network optimally to minimize the error of clssification as an objective function. The datasets used to evaluate the proposed method are Phishing Websites explaind by others.  The results of evaluating phishing attack dataset indicate that the rate of error of fake website detection in the proposed method is constantly reduced by repetition. The results of our assessment also indicate that the average accuracy, sensitivity, specificity, precision of the proposed method are 93.42, 92.27, 93.19 and 92.78%, respectively. The decision tree and regression are more accurate in detecting fake websites than artificial neural network.

Keywords


1.     Cotten, S.R., Ford, G., Ford, S. and Hale, T.M., "Internet use and depression among older adults", Computers in Human Behavior,  Vol. 28, No. 2, (2012), 496-499.

2.     Tsang, S., Koh, Y.S., Dobbie, G. and Alam, S., "Detecting online auction shilling frauds using supervised learning", Expert Systems with Applications,  Vol. 41, No. 6, (2014), 3027-3040.

3.     Derouet, E., "Fighting phishing and securing data with email authentication", Computer Fraud & Security,  Vol. 2016, No. 10, (2016), 5-8.

4.     Krombholz, K., Hobel, H., Huber, M. and Weippl, E., "Advanced social engineering attacks", Journal of Information Security and applications,  Vol. 22, (2015), 113-122.

5.     Chawla, M. and Chouhan, S.S., "A survey of phishing attack techniques", International Journal of Computer Applications,  Vol. 93, No. 3, (2014).

6.     Basnet, R.B., Sung, A.H. and Liu, Q., "Feature selection for improved phishing detection", in International Conference on Industrial, Engineering and Other Applications of Applied Intelligent Systems, Springer., (2012), 252-261.

7.     James, L., "Phishing exposed, Elsevier,  (2005).

8.     May, O.A.D., "23, 2011 from the us patent and trademark office re", US Applied,  No. 11/980,690.

9.     Qi, M. and Yang, C., "Research and design of phishing alarm system at client terminal", in Services Computing, 2006. APSCC'06. IEEE Asia-Pacific Conference on, IEEE., (2006), 597-600.

10.   Kirda, E. and Kruegel, C., "Protecting users against phishing attacks with antiphish", in Computer Software and Applications Conference, 2005. COMPSAC 2005. 29th Annual International, IEEE. Vol. 1, (2005), 517-524.

11.   Zhang, Y., Hong, J.I. and Cranor, L.F., "Cantina: A content-based approach to detecting phishing web sites", in Proceedings of the 16th international conference on World Wide Web, ACM. (2007), 639-648.

12.   Intelligence, M., "Annual security report", Symantec Corp,  (2010), http://www.symantec.com/connect/blogs/messagelabsintelligence-annual-security-report-2009-security-yearreview.

13.   Mohammad, R.M., Thabtah, F. and McCluskey, L., "Tutorial and critical analysis of phishing websites methods", Computer Science Review,  Vol. 17, (2015), 1-24.

14.   Iuga, C., Nurse, J.R. and Erola, A., "Baiting the hook: Factors impacting susceptibility to phishing attacks", Human-centric Computing and Information Sciences,  Vol. 6, No. 1, (2016), 8.

15.   Jain, A.K. and Gupta, B.B., "Phishing detection: Analysis of visual similarity based approaches", Security and Communication Networks,  Vol. 2017, No., (2017).

16.   Khonji, M., Iraqi, Y. and Jones, A., "Phishing detection: A literature survey", IEEE Communications Surveys & Tutorials,  Vol. 15, No. 4, (2013), 2091-2121.

17.   Rao, R.V., Savsani, V.J. and Vakharia, D., "Teaching–learning-based optimization: An optimization method for continuous non-linear large scale problems", Information Sciences,  Vol. 183, No. 1, (2012), 1-15.

18.   Mohammad, R., Thabtah, F.A. and McCluskey, T., "Phishing websites dataset",  (2015).