An Anti-Web Phishing Application for Analysing the Security of Websites

Year 2018, Volume: 6 Issue: 3, 146 - 152, 31.07.2018

T.p. Fowdur R. Abdool Khader

https://doi.org/10.17694/bajece.435864

Abstract

Nowadays, one of the major internet security
problems being faced is ‘Web Phishing’, whereby attackers get hold of the
personal and sensitive information of the internet users. Sometimes, attackers
create fake web pages just to mislead users and give them wrong information.
With the increase of more and more sophisticated attacks like Whale Phishing,
Spear Phishing, and Ransomware among others, internet users easily fall in
attackers’ traps. Most web browsers are not able to counteract or block these
attacks and hence internet users consider the spoofed webpages to be legitimate
ones and end up giving their details like credit cards details, passwords and
usernames among others. In this paper, an application has been developed in
Java that performs several tests on a URL, on the different hyperlinks present
on the web page and on the content of the web page and provides a security
rating to the internet user. Together with the percentage security, the user is
informed if the web page is safe, doubtful or unsafe. The security ratings of
several website domains such as, .gov, .co, .edu, .info, .mu, .ac, .org, .net,
.com were also  analysed. Furthermore,
tests using independent samples ANOVA and Tukey HSD were performed and they
revealed that there was a significant difference between the security ratings
of the websites.

Keywords

Phishing, IP, URL, Web Security

References

• Aaron G. and Rasmussen R., Global Phishing Survey: Trends and Domain Name Use in 2016, pp. 5, 2017.
• Chelliah G. A and Aruna S., Preventing Phishing Attacks Using Anti-Phishng Prevention Technique, International Journal of Engineering Development and Research, pp. 60- 63, 2014.
• Khan A. A., Preventing Phishing Attacks using One Time Password and User Machine Identification, International Journal of Computer Application, vol. 68, no. 3, pp. 7-11, 2013.
• Avast Support. 2018. Avast Online Security browser extension – Getting Started | Official Avast Support. [Online] Available at: https://support.avast.com/en-au/article/18/ [Accessed 23 November 2017]
• Safe Browsing – Google Safe Browsing. 2018. [Online] Available at: https://safebrowsing.google.com/ [Accessed 9 January 2018]
• Kirda E. and Krugel C., Protecting Users Against Phishing Attacks, The Computer Journal, vol. 00, no. 0, pp. 1-8, 2005.
• Naresh U., Sagar U. V. and Reddy C. V. M, Intelligent Phishing Website Detection and Prevention System by Using Link Guard Algorithm, IOSR Journal of Computer Engineering (IOSR-JCE), vol. 14, no. 3, pp. 28-36, 2013.
• WOT Services Ltd.,2018. Web of Trust (WOT) – Crowdsourced web safety | WOT (Web of Trust). [Online] Available at: https://www.mywot.com/en/aboutus [Accessed 10 September 2017]
• TrustWatch – WEB SITE VERIFICATION SERVICE. [Online] Available at: https://www.trustico.co.in/material/DS_TrustWatch.pdf [Accessed 29 October 2017]
• Jain A. K. and Gupta B. B., Phishing Detection: Analysis of Visual Similarity Based Approaches, Security and Communication Networks, vol. 2017, pp. 1-20, 2017
• Wanawe K., Awasare S. and Puri N. V., An Efficient Approach to Detecting Phising A Web Using K-Means and Naïve- Bayes Algorithms, International Journal of Research in Advent Technology, vol. 2, no. 3, pp. 106-111, 2014
• Alkhozae M. G. and Batarfi O. A., Phishing Websites Detection based on Phishing Characteristics in the Webpage Source Code, International Journal of Information and Communication Technology Research, vol. 1, no. 6, pp. 283-291, 2011
• The State of Security. 6 Common Phishing Attacks and How to Protect Against Them, 2018. [Online] Available at: https://www.tripwire.com/state-of-security/security-awareness/6-common-phishing-attacks-and-how-to-protect-against-them/ [Accessed 8 April 2018]
• Ho G., Sharma A., Javed M., Paxson V. and Wagner D., Detectimg Credential Spearphishing Attacks in Enterprise Settings, usenix, pp. 469-484, 2017.
• The State of Security. 6 Common Phishing Attacks and How to Protect Against Them, 2018. [Online] Available at: https://www.tripwire.com/state-of-security/security-awareness/6-common-phishing-attacks-and-how-to-protect-against-them/ [Accessed 8 April 2018]
• Chaudhry J. A, Chaudry S. A. and Rittenhouse R. G., Phishing Attacks and Defences. International Journal of Security and its Application, vol. 10, no. 1, pp. 247-256, 2016.
• Tracking Protection | Firefox Help. 2018. Tracking Protection | Firefox Help. [Online] Available at: https://support.mozilla.org/en-US/kb/tracking-protection [Accessed 3 January 2018]
• Lane D. M., Analysis of Variance. Online Statistics Education B. pp. 517-598
• Sun T, Spam Filtering based on Naïve Bayes Classification, pp. 1-42, 2009
• Heron E., Analysis of Variance – ANOVA, 2009. [Online] Available at: https://www.tcd.ie/medicine/neuropsychiatric-genetics/assets/pdf/2009_3_ANOVA.pdf [Accessed 9 December 2017]
• Analysis of Variance (ANOVA) [Online] Available at: https://www.calvin.edu/~scofield/courses/m143/materials/handouts/anova1And2.pdf [Accessed 15 December 2017]