Abstract: Phishing tricks to steal personal or credential information by entering victims into a forged website similar to the original site, and urging them to enter their information believing that this site is legitimate. The number of internet users who are becoming victims of phishing attacks is increasing beside that phishing attacks have become more sophisticated. In this paper we propose a client-side solution to protect against phishing attacks which is a Firefox extension integrated as a toolbar that is responsible for checking whether recipient website is trusted or not by inspecting URLs of each requested webpage. If the site is suspicious the toolbar is going to block it. Every URL is evaluated corresponding to features extracted from it. Three heuristics (primary domain, sub domain, and path) and Naïve Bayes classification using four lexical features combined with page ranking received from two different services (Alexa, and Google page rank) used to classify URL. The proposed method requires no server changes and will prevent internet users from fraudulent sites especially from phishing attacks based on deceptive URLs. Experimental results show that our approach can achieve 48% accuracy ratio using a test set of 246 URL, and 87.5% accuracy ratio by excluding NB addition tested over 162 URL.

Firdous Kausar, Bushra Al-Otaibi, Asma Al-Qadi and Nwayer Al-Dossari, “Hybrid Client Side Phishing Websites Detection Approach” International Journal of Advanced Computer Science and Applications(IJACSA), 5(7), 2014. http://dx.doi.org/10.14569/IJACSA.2014.050720

@article{Kausar2014,
title = {Hybrid Client Side Phishing Websites Detection Approach},
journal = {International Journal of Advanced Computer Science and Applications},
doi = {10.14569/IJACSA.2014.050720},
url = {http://dx.doi.org/10.14569/IJACSA.2014.050720},
year = {2014},
publisher = {The Science and Information Organization},
volume = {5},
number = {7},
author = {Firdous Kausar and Bushra Al-Otaibi and Asma Al-Qadi and Nwayer Al-Dossari}
}