WhiteNet: Phishing Website Detection by Visual Whitelists
share
Phishing websites aiming at stealing users' information by claiming fake identities and impersonating visual profiles belonging to trustworthy websites are still a major threat for today's Internet thread. Therefore, detecting visual similarity to a set of whitelisted legitimate websites was often used in phishing detection literature. Despite numerous previous efforts, these methods are either evaluated on datasets with severe limitations or assume a close copy of the targeted legitimate webpages, which makes them easy to be bypassed. This paper contributes WhiteNet, a new similarity-based phishing detection framework, i.e., a triplet network with three shared Convolutional Neural Networks (CNNs). We furthermore present WhitePhish, an improved dataset to evaluate WhiteNet and other frameworks in an ecologically valid manner. WhiteNet learns profiles for websites in order to detect zero-day phishing websites and achieves an area of 0.9879 under the ROC curve of legitimate versus phishing binary classification which outperforms re-implemented state-of-the-art methods. WhitePhish is an extended dataset based on an in-depth analysis of whitelist sources and dataset characteristics.
READ FULL TEXT
