Show simple item record

dc.contributor.authorLin, Y
dc.contributor.authorLiu, R
dc.contributor.authorDivakaran, DM
dc.contributor.authorNg, JY
dc.contributor.authorChan, QZ
dc.contributor.authorLu, Y
dc.contributor.authorSi, Y
dc.contributor.authorZhang, F
dc.contributor.authorDong, JS
dc.date.accessioned2022-02-03T02:56:14Z
dc.date.available2022-02-03T02:56:14Z
dc.date.issued2021
dc.identifier.isbn9781939133243en_US
dc.identifier.urihttp://hdl.handle.net/10072/411953
dc.description.abstractRecent years have seen the development of phishing detection and identification approaches to defend against phishing attacks. Phishing detection solutions often report binary results, i.e., phishing or not, without any explanation. In contrast, phishing identification approaches identify phishing webpages by visually comparing webpages with predefined legitimate references and report phishing along with its target brand, thereby having explainable results. However, there are technical challenges in visual analyses that limit existing solutions from being effective (with high accuracy) and efficient (with low runtime overhead), to be put to practical use. In this work, we design a hybrid deep learning system, Phishpedia, to address two prominent technical challenges in phishing identification, i.e., (i) accurate recognition of identity logos on webpage screenshots, and (ii) matching logo variants of the same brand. Phishpedia achieves both high accuracy and low runtime overhead. And very importantly, different from common approaches, Phishpedia does not require training on any phishing samples. We carry out extensive experiments using real phishing data; the results demonstrate that Phishpedia significantly outperforms baseline identification approaches (EMD, PhishZoo, and LogoSENSE) in accurately and efficiently identifying phishing pages. We also deployed Phishpedia with CertStream service and discovered 1,704 new real phishing websites within 30 days, significantly more than other solutions; moreover, 1,133 of them are not reported by any engines in VirusTotal.en_US
dc.description.peerreviewedYesen_US
dc.languageEnglishen_US
dc.publisherUsenix - The Advanced Computing Systems Associationen_US
dc.publisher.urihttps://www.usenix.org/conference/usenixsecurity21/presentation/linen_US
dc.relation.ispartofconferencename30th USENIX Security Symposiumen_US
dc.relation.ispartofconferencetitleProceedings of the 30th USENIX Security Symposiumen_US
dc.relation.ispartofdatefrom2021-08-11
dc.relation.ispartofdateto2021-08-13
dc.relation.ispartoflocationVirtualen_US
dc.relation.ispartofpagefrom3793en_US
dc.relation.ispartofpageto3810en_US
dc.subject.fieldofresearchSoftware engineeringen_US
dc.subject.fieldofresearchcode4612en_US
dc.titlePhishpedia: A hybrid deep learning based approach to visually identify phishing webpagesen_US
dc.typeConference outputen_US
dc.type.descriptionE1 - Conferencesen_US
dcterms.bibliographicCitationLin, Y; Liu, R; Divakaran, DM; Ng, JY; Chan, QZ; Lu, Y; Si, Y; Zhang, F; Dong, JS, Phishpedia: A hybrid deep learning based approach to visually identify phishing webpages, Proceedings of the 30th USENIX Security Symposium, 2021, pp. 3793-3810en_US
dc.date.updated2022-02-02T23:58:55Z
dc.description.versionVersion of Record (VoR)en_US
gro.rights.copyright© USENIX 2021. The attached file is reproduced here in accordance with the copyright policy of the publisher. Please refer to the journal's website for access to the definitive, published version.en_US
gro.hasfulltextFull Text
gro.griffith.authorDong, Jin-Song


Files in this item

This item appears in the following Collection(s)

  • Conference outputs
    Contains papers delivered by Griffith authors at national and international conferences.

Show simple item record