Phishing websites are still a major threat in today's Internet ecosystem.
Despite numerous previous efforts, similarity-based detection methods do not offer sufficient protection for the trusted websites -- in particular against
unseen phishing pages.
This paper contributes VisualPhishNet, a new similarity-based phishing detection framework, based on a triplet Convolutional Neural Network (CNN).
VisualPhishNet learns profiles for websites in order to detect phishing websites by a similarity metric that can generalize to pages with new visual appearances.
We furthermore present VisualPhish, the largest dataset to date that facilitates visual phishing detection in an ecologically valid manner.
We show that our method outperforms previous visual similarity phishing detection approaches by a large margin while being robust against a range of evasion attacks.
History
Preferred Citation
Sahar Abdelnabi, Katharina Krombholz and Mario Fritz. VisualPhishNet: Zero-Day Phishing Website Detection by Visual Similarity. In: ACM Conference on Computer and Communications Security (CCS). 2020.
Primary Research Area
Trustworthy Information Processing
Secondary Research Area
Empirical and Behavioral Security
Tertiary Research Area
Threat Detection and Defenses
Name of Conference
ACM Conference on Computer and Communications Security (CCS)
Legacy Posted Date
2020-07-08
Open Access Type
Green
BibTeX
@inproceedings{cispa_all_3139,
title = "VisualPhishNet: Zero-Day Phishing Website Detection by Visual Similarity",
author = "Abdelnabi, Sahar and Krombholz, Katharina and Fritz, Mario",
booktitle="{ACM Conference on Computer and Communications Security (CCS)}",
year="2020",
}