Detection Of Pharming Attack On Websites Using Svm Classifier
[Full Text]
AUTHOR(S)
Saloni Manhas, Swapnesh Taterh, Dilbag Singh
KEYWORDS
Phishing, Support Vector Machine (SVM), Secure Socket Layer (SSL) attacks, Malicious websites, Pharming, Machine learning, Network attacks.
ABSTRACT
Attackers are constantly trying to con users and organizations to cause ï¬nancial damage, loss of sensitive information, and ruin their reputation. Pharming attacks are becoming a headache for website users due to its severe consequences. This attack is achieved by stealing user’s credentials and redirect them to malicious websites by using DNS based techniques. Therefore, to give additional safety Transport Layer Security/Secure Sockets Layer (TLS/SSL) was introduced. It operates by authorizing the actual web server for you to the customer, vice a new versa in so doing each party conï¬rming the actual reliability by using digital certificates. However, SSL is still vulnerable to pharming attacks. Results show that the proposed technique provides 97% accuracy along with high performance in F-measure, sensitivity and specificity which is commendable and proves that SVM is an adequate machine learning method to successfully carry out detection of pharming attack.
REFERENCES
[1] L. S. Huang, A. Rice, E. Ellingsen, and C. Jackson, “Analyzing Forged SSL Certificates in the Wild,†2014 IEEE Symp. Secur. Priv., pp. 83–97, 2014.
[2] E. R. Ford, “Man-in-the-Middle Attack to the HTTPS Protocol.â€
[3] J. Sigholm, “Papering Over the Cracks : The Effects of Introducing Best Practices on the Web Security Ecosystem,†2016 Int. Conf. Inf. Netw., pp. 1–6, 2016.
[4] K. Gajera, “A Novel Approach to Detect Phishing Attack Using Artificial Neural Networks Combined with Pharming Detection,†2019 3rd Int. Conf. Electron. Commun. Aerosp. Technol., pp. 196–200, 2019.
[5] I. T. Program, “Detection Model for Pharming Attack Based on IP-Address Check and Website Predictability Prepared by,†2013.
[6] “German researchers find a way to circumvent Domain Validation.†[Online]. Available: https://www.thesslstore.com/blog/german-researchers-circumvent-domain-validation/. [Accessed: 03-Oct-2019].
[7] I. S. Alfayoumi, “Client – Side Pharming Attacks Detection using Authoritative Domain Name Servers,†vol. 113, no. 10, pp. 26–31, 2015.
[8] B. Arya, “A Client-Side Anti-Pharming ( CSAP ) Approach,†2016.
[9] R. Gowtham, A. V. Vidyapeetham, and I. Krishnamurthi, “An efficacious method for detecting phishing webpage through Target Domain Identification,†no. June 2018, 2014.
[10] S. Gastellier-prevost et al., “A dual approach to detect pharming attacks at the To cite this version : A dual approach to detect pharming attacks at the client-side,†2016.
[11] Y. Li, S. Chu, and R. Xiao, “Optik A pharming attack hybrid detection model based on IP addresses and web content,†Opt. - Int. J. Light Electron Opt., vol. 126, no. 2, pp. 234–239, 2015.
[12] S. Gastellier-prevost, and M. Lauren, “Defeating pharming attacks at the client-side To cite this version : HAL Id : hal-01303641 Defeating pharming attacks at the client-side,†2016.
[13] C. Tiwary and S. Rathod, “Privacy Protection System for Secure Authentication and Internal Intrusion Detection System,†vol. 4, no. cPGCON, pp. 8074–8077, 2017.
[14] H. S. Pannu, D. Singh, and A. K. Malhi, “Multi-objective particle swarm optimization-based adaptive neuro-fuzzy inference system for benzene monitoring,†Neural Computing and Applications, Springer London, pp. 1–11, 31-Aug-2017.
[15] H. S. Pannu, D. Singh, and A. K. Malhi, “Improved Particle Swarm Optimization Based Adaptive Neuro-Fuzzy Inference System for Benzene Detection,†Clean - Soil, Air, Water, vol. 46, no. 5, May 2018.
[16] M. Kaur, H. K. Gianey, D. Singh, and M. Sabharwal, “Multi-objective differential evolution based random forest for e-health applications,†Mod. Phys. Lett. B, vol. 33, no. 5, Feb. 2019.
[17] B. Kumar, O. P. Vyas, and R. Vyas, “A comprehensive review on the variants of support vector machines,†Mod. Phys. Lett. B, vol. 33, no. 25, p. 1950303, Sep. 2019.
|