Browser Extension based Hybrid Anti-Phishing Framework using Feature Selection

Swati Maurya; Harpreet Singh Saini; Anurag Jain

doi:10.14569/IJACSA.2019.0101178

Article Details

Copyright Statement: This is an open access article licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, even commercially as long as the original work is properly cited.

Browser Extension based Hybrid Anti-Phishing Framework using Feature Selection

Author 1: Swati Maurya

Author 2: Harpreet Singh Saini

Author 3: Anurag Jain

Full Text

Digital Object Identifier (DOI) : 10.14569/IJACSA.2019.0101178

Article Published in International Journal of Advanced Computer Science and Applications(IJACSA), Volume 10 Issue 11, 2019.

Abstract and Keywords
How to Cite this Article
{} BibTeX Source

Abstract: Phishing is one of the socially engineered cyberse-curity attacks where the attacker impersonates a genuine and legitimate website source and sends emails with the intention of stealing sensitive personal information. The phishing websites’ URLs are usually spread through emails by luring the users to click on them or by embedding the link to fake website replicating any genuine e-commerce website inside the invoice or other documents. The phishing problem is very wide and no single solution exists to mitigate all the vulnerabilities properly. Thus, multiple techniques are often combined and implemented to mitigate specific attacks. The primary objective of this paper is to propose an efficient and effective anti-phishing solution that can be implemented at the client-side in the form of a browser extension and should be capable to handle real-time scenarios and zero-day attacks. The proposed approach works efficiently for any phishing link carrier mode as the execution on clicking on any link or manually entering URL in the browser doesn’t proceed unless the proposed framework approves that the website associated with that URL is genuine. Also, the proposed framework is capable to handle DNS cache poisoning attacks even if the system’s DNS cache is somehow infected. This paper first presents a comprehensive review that broadly discusses the phishing life cycle and available anti-phishing countermeasures. The proposed framework considers the pros and cons of existing methodologies and presents a robust solution by combining the best features to ensure that a fast and accurate response is achieved. The effectiveness of the approach is tested in a real-time dataset consisting of live phishing and legitimate website URLs and the framework is found to be 98.1% accurate in identifying websites correctly in very less time.

Keywords: Anti-phishing; browser extension; machine learn-ing; feature selection

Swati Maurya, Harpreet Singh Saini and Anurag Jain, “Browser Extension based Hybrid Anti-Phishing Framework using Feature Selection” International Journal of Advanced Computer Science and Applications(IJACSA), 10(11), 2019. http://dx.doi.org/10.14569/IJACSA.2019.0101178

@article{Maurya2019,
title = {Browser Extension based Hybrid Anti-Phishing Framework using Feature Selection},
journal = {International Journal of Advanced Computer Science and Applications}
doi = {10.14569/IJACSA.2019.0101178},
url = {http://dx.doi.org/10.14569/IJACSA.2019.0101178},
year = {2019},
publisher = {The Science and Information Organization},
volume = {10},
number = {11},
author = {Swati Maurya and Harpreet Singh Saini and Anurag Jain},
}