A method to measure the efficiency of phishing emails detection features
Phishing is a threat in which users are sent fake emails that urge them to click a link (URL) which takes to a phisher's website. At that site, users' accounts information could be lost. Many technical and non-technical solutions have been proposed to fight phishing attacks. To stop such a...
Saved in:
Main Authors: | , , |
---|---|
Format: | Conference Paper |
Language: | en_US |
Published: |
IEEE Computer Society
2015
|
Subjects: | |
Online Access: | http://ddms.usim.edu.my/handle/123456789/9023 |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
id |
my.usim-9023 |
---|---|
record_format |
dspace |
spelling |
my.usim-90232015-08-25T04:17:11Z A method to measure the efficiency of phishing emails detection features M.M., Al-Daeef N., Basir M.M., Saudi Effectiveness metric Emails Ham Keywords feature Phishing Phishing emails Urls feature Phishing is a threat in which users are sent fake emails that urge them to click a link (URL) which takes to a phisher's website. At that site, users' accounts information could be lost. Many technical and non-technical solutions have been proposed to fight phishing attacks. To stop such attacks, it is important to select the correct feature(s) to detect phishing emails. Thus, the current work presents a new method to selecting more efficient feature in detecting phishing emails. Best features can be extracted from email's body (content) part. Keywords and URLs are known features that can be extracted from email's body part. These two features are very relevant to the three general aspects of email, these aspects are, email's sender, email's content, and email's receiver. In this work, three effectiveness criteria were derived based on these aspects of email. Such criteria were used to evaluate the efficiency of Keywords and URLs features in detecting phishing emails by measuring their Effectiveness Metric (EM) values. The experimental results obtained from analyzing more than 8000 ham (legitimate) and phishing emails from two different datasets show that, relying upon the URLs feature in detecting phishing emails will predominantly give more precise results than relying upon the Keywords feature in a such task. © 2014 IEEE. 2015-08-11T04:35:59Z 2015-08-11T04:35:59Z 2014 Conference Paper 9781-4799-4443-9 http://ddms.usim.edu.my/handle/123456789/9023 en_US IEEE Computer Society |
institution |
Universiti Sains Islam Malaysia |
building |
USIM Library |
collection |
Institutional Repository |
continent |
Asia |
country |
Malaysia |
content_provider |
Universit Sains Islam i Malaysia |
content_source |
USIM Institutional Repository |
url_provider |
http://ddms.usim.edu.my/ |
language |
en_US |
topic |
Effectiveness metric Emails Ham Keywords feature Phishing Phishing emails Urls feature |
spellingShingle |
Effectiveness metric Emails Ham Keywords feature Phishing Phishing emails Urls feature M.M., Al-Daeef N., Basir M.M., Saudi A method to measure the efficiency of phishing emails detection features |
description |
Phishing is a threat in which users are sent fake emails that urge them to click a link (URL) which takes to a phisher's website. At that site, users' accounts information could be lost. Many technical and non-technical solutions have been proposed to fight phishing attacks. To stop such attacks, it is important to select the correct feature(s) to detect phishing emails. Thus, the current work presents a new method to selecting more efficient feature in detecting phishing emails. Best features can be extracted from email's body (content) part. Keywords and URLs are known features that can be extracted from email's body part. These two features are very relevant to the three general aspects of email, these aspects are, email's sender, email's content, and email's receiver. In this work, three effectiveness criteria were derived based on these aspects of email. Such criteria were used to evaluate the efficiency of Keywords and URLs features in detecting phishing emails by measuring their Effectiveness Metric (EM) values. The experimental results obtained from analyzing more than 8000 ham (legitimate) and phishing emails from two different datasets show that, relying upon the URLs feature in detecting phishing emails will predominantly give more precise results than relying upon the Keywords feature in a such task. © 2014 IEEE. |
format |
Conference Paper |
author |
M.M., Al-Daeef N., Basir M.M., Saudi |
author_facet |
M.M., Al-Daeef N., Basir M.M., Saudi |
author_sort |
M.M., Al-Daeef |
title |
A method to measure the efficiency of phishing emails detection features |
title_short |
A method to measure the efficiency of phishing emails detection features |
title_full |
A method to measure the efficiency of phishing emails detection features |
title_fullStr |
A method to measure the efficiency of phishing emails detection features |
title_full_unstemmed |
A method to measure the efficiency of phishing emails detection features |
title_sort |
method to measure the efficiency of phishing emails detection features |
publisher |
IEEE Computer Society |
publishDate |
2015 |
url |
http://ddms.usim.edu.my/handle/123456789/9023 |
_version_ |
1645152521739567104 |
score |
13.214268 |