PhisherHunter: Module design for automatic detection of phishing websites and preventing user abuse

Authors : Samet Ganal, Ecir Küçüksille, Mehmet Ali Yalçinkaya

Pages : 468-480

View : 46 | Download : 58

Publication Date : 2023-10-31

Article Type : Research Paper

Abstract :One of the most common cyber-attacks that users encounter on the internet are phishing websites. In the attacks that are performed on phishing websites, real websites are duplicated and published on different domain names, and users are directed to these fake websites through various social engineering techniques. Through to the website to which users are directed, they transmit some personal and confidential data such as credit card, username-password details to attackers. In this study, the establishment of the infrastructure and content of phishing internet sites has been explained, a tool named PhisherHunter created, and four different methods have been developed so as to detect such websites. Through the examination of newly registered websites, which is the main detection method, a successful detection rate of 95.4% has been achieved. Three different methods have been used in the active defense part of the study. Firstly, the hosting company has been automatically determined to stop the publication of the phishing website and a notification has been sent with a success rate of 98%. As the second active defense method, the active honeypot technique has been developed. The active honeypot method aims to enter a marked information on the phishing website and to track this information on the real website. And as the last active defense method, the method of poisoning phishing websites by using fake data has been developed. It has been observed that poisoning methods by using the techniques of active honeypot and fake data have achieved a success of 92%.
Keywords : Oltalama, Oltalama internet sitesi, Aktifsavunma