Authors : Abdulghani Ali Ahmed and Ali Safa Sadiq
Abstract: Phishing website lures computer users to interact with the spoofed websites rather than the real ones. The main purpose of this attack is to steal the confidential information from the users. The attacker creates a fake webpage that looks similar to the real page. This deceitful act allows the hacker to observe and modify user’s confidential information. This study proposes a real time system inspired from honey-bee defence mechanism in nature for filtering phishing website attacks (PhishSys). In particular, the proposed system PhishSys filters phishing website through three main phases of investigation: PhishTank-Match (PM), Undesirable-Absent (UA) and Desirable-Present (DP) investigation phases. The PM technique is used in the first phase in order to check if the requested URL is listed in the blacklist of PhishTank database. The UA technique is used in the next phase of investigation for checking the absence of undesirable symbols in Uniform Resources Locators (URLs) of the requested website. The DP technique is used in the last phase of investigation in order to check the presence of the requested URL in the desirable whitelist. The obtained results show that the detection mechanism is deployable and capable to detect various types of phishing attacks with maintaining a low rate of false alarms.
Abdulghani Ali Ahmed and Ali Safa Sadiq, 2017. PhishSys: A Honey Bee Inspired Intelligent System for Phishing Websites Detection. Journal of Engineering and Applied Sciences, 12: 8088-8094.