A method to measure the efficiency of phishing emails detection features

Phishing is a threat in which users are sent fake emails that urge them to click a link (URL) which takes to a phisher's website. At that site, users' accounts information could be lost. Many technical and non-technical solutions have been proposed to fight phishing attacks. To stop such a...

Full description

Saved in:
Bibliographic Details
Main Authors: M.M., Al-Daeef, N., Basir, M.M., Saudi
Format: Conference Paper
Language:en_US
Published: IEEE Computer Society 2015
Subjects:
Ham
Online Access:http://ddms.usim.edu.my/handle/123456789/9023
Tags: Add Tag
No Tags, Be the first to tag this record!
id my.usim-9023
record_format dspace
spelling my.usim-90232015-08-25T04:17:11Z A method to measure the efficiency of phishing emails detection features M.M., Al-Daeef N., Basir M.M., Saudi Effectiveness metric Emails Ham Keywords feature Phishing Phishing emails Urls feature Phishing is a threat in which users are sent fake emails that urge them to click a link (URL) which takes to a phisher's website. At that site, users' accounts information could be lost. Many technical and non-technical solutions have been proposed to fight phishing attacks. To stop such attacks, it is important to select the correct feature(s) to detect phishing emails. Thus, the current work presents a new method to selecting more efficient feature in detecting phishing emails. Best features can be extracted from email's body (content) part. Keywords and URLs are known features that can be extracted from email's body part. These two features are very relevant to the three general aspects of email, these aspects are, email's sender, email's content, and email's receiver. In this work, three effectiveness criteria were derived based on these aspects of email. Such criteria were used to evaluate the efficiency of Keywords and URLs features in detecting phishing emails by measuring their Effectiveness Metric (EM) values. The experimental results obtained from analyzing more than 8000 ham (legitimate) and phishing emails from two different datasets show that, relying upon the URLs feature in detecting phishing emails will predominantly give more precise results than relying upon the Keywords feature in a such task. © 2014 IEEE. 2015-08-11T04:35:59Z 2015-08-11T04:35:59Z 2014 Conference Paper 9781-4799-4443-9 http://ddms.usim.edu.my/handle/123456789/9023 en_US IEEE Computer Society
institution Universiti Sains Islam Malaysia
building USIM Library
collection Institutional Repository
continent Asia
country Malaysia
content_provider Universit Sains Islam i Malaysia
content_source USIM Institutional Repository
url_provider http://ddms.usim.edu.my/
language en_US
topic Effectiveness metric
Emails
Ham
Keywords feature
Phishing
Phishing emails
Urls feature
spellingShingle Effectiveness metric
Emails
Ham
Keywords feature
Phishing
Phishing emails
Urls feature
M.M., Al-Daeef
N., Basir
M.M., Saudi
A method to measure the efficiency of phishing emails detection features
description Phishing is a threat in which users are sent fake emails that urge them to click a link (URL) which takes to a phisher's website. At that site, users' accounts information could be lost. Many technical and non-technical solutions have been proposed to fight phishing attacks. To stop such attacks, it is important to select the correct feature(s) to detect phishing emails. Thus, the current work presents a new method to selecting more efficient feature in detecting phishing emails. Best features can be extracted from email's body (content) part. Keywords and URLs are known features that can be extracted from email's body part. These two features are very relevant to the three general aspects of email, these aspects are, email's sender, email's content, and email's receiver. In this work, three effectiveness criteria were derived based on these aspects of email. Such criteria were used to evaluate the efficiency of Keywords and URLs features in detecting phishing emails by measuring their Effectiveness Metric (EM) values. The experimental results obtained from analyzing more than 8000 ham (legitimate) and phishing emails from two different datasets show that, relying upon the URLs feature in detecting phishing emails will predominantly give more precise results than relying upon the Keywords feature in a such task. © 2014 IEEE.
format Conference Paper
author M.M., Al-Daeef
N., Basir
M.M., Saudi
author_facet M.M., Al-Daeef
N., Basir
M.M., Saudi
author_sort M.M., Al-Daeef
title A method to measure the efficiency of phishing emails detection features
title_short A method to measure the efficiency of phishing emails detection features
title_full A method to measure the efficiency of phishing emails detection features
title_fullStr A method to measure the efficiency of phishing emails detection features
title_full_unstemmed A method to measure the efficiency of phishing emails detection features
title_sort method to measure the efficiency of phishing emails detection features
publisher IEEE Computer Society
publishDate 2015
url http://ddms.usim.edu.my/handle/123456789/9023
_version_ 1645152521739567104
score 13.214268