You are viewing a javascript disabled version of the site. Please enable Javascript for this site to function properly.
Go to headerGo to navigationGo to searchGo to contentsGo to footer
In content section. Select this link to jump to navigation

Directed adversarial sampling attacks on phishing detection

Article type: Research Article

Authors: Shirazi, Hosseina | Bezawada, Bruhadeshwarb | Ray, Indrakshia; * | Anderson, Chucka

Affiliations: [a] Colorado State University, Fort Collins CO 80523, USA. E-mail: [email protected] | [b] Indian Institute of Technology Jammu, Jammu & Kashmir, India

Correspondence: [*] Corresponding author. E-mail: [email protected].

Abstract: Phishing websites trick honest users into believing that they interact with a legitimate website and capture sensitive information, such as user names, passwords, credit card numbers, and other personal information. Machine learning is a promising technique to distinguish between phishing and legitimate websites. However, machine learning approaches are susceptible to adversarial learning attacks where a phishing sample can bypass classifiers. Our experiments on publicly available datasets reveal that the phishing detection mechanisms are vulnerable to adversarial learning attacks. We investigate the robustness of machine learning-based phishing detection in the face of adversarial learning attacks. We propose a practical approach to simulate such attacks by generating adversarial samples through direct feature manipulation. To enhance the sample’s success probability, we describe a clustering approach that guides an attacker to select the best possible phishing samples that can bypass the classifier by appearing as legitimate samples. We define the notion of vulnerability level for each dataset that measures the number of features that can be manipulated and the cost for such manipulation. Further, we clustered phishing samples and showed that some clusters of samples are more likely to exhibit higher vulnerability levels than others. This helps an adversary identify the best candidates of phishing samples to generate adversarial samples at a lower cost. Our finding can be used to refine the dataset and develop better learning models to compensate for the weak samples in the training dataset.

Keywords: Phishing, machine learning, adversarial sampling, classifiers

DOI: 10.3233/JCS-191411

Journal: Journal of Computer Security, vol. 29, no. 1, pp. 1-23, 2021

Published: 3 February 2021
Price: EUR 27.50
Show more