Abstract
Android OS is currently one of the most popular operating system in smartphones. Majority of the population today uses android phone. Use of smartphone is not bounded to calling, messaging apps or Video Chats but the users use it for financial transactions as well. There is an exponential growth in use of mobile services. Phishing is one of the major security threats in mobile devices for various reasons. Mobile phishing is dangerous because of hardware limitations of the device and the user attitude while using services on the device. Phishing is widely investigated in desktop environment but there is very little research on techniques to detect phishing on Android Device. The proposed system is a mechanism for detection of phishing on Android mobile devices. It is a hybrid solution to defend against zero-day phishing attacks. It includes 5 modules; URL Extraction, Static Analysis of URL, Web Page Foot printing, URL Based Heuristics and the SVM classifier. The system was evaluated using a dataset with 200 phishing websites URLs and 200 legitimate website URLs. The results show that 92% accuracy was achieved by the system.
Keywords
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Android. https://www.android.com/
Phishing. https://en.wikipedia.org/wiki/Phishing
Anti Phishing Working Group (APWG). http://www.antiphishing.org/
Nguyen, L.A.T., et al.: Detecting phishing web sites: a heuristic URL-based approach. In: 2013 International Conference on Advanced Technologies for Communications (ATC 2013). IEEE (2013)
Dunlop, M., Groat, S., Shelly, D.: Goldphish: using images for content-based phishing analysis. In: 2010 Fifth International Conference on Internet Monitoring and Protection (ICIMP). IEEE (2010)
Basnet, R.B., Doleck, T.: Towards developing a tool to detect phishing URLs: a machine learning approach. In: 2015 IEEE International Conference on Computational Intelligence & Communication Technology (CICT). IEEE (2015)
Feroz, M.N., Mengel, S.: Phishing URL detection using URL ranking. In: 2015 IEEE International Congress on Big Data (BigData Congress). IEEE (2015)
Chang, E.H., Chiew, K.L., Tiong, W.K.: Phishing detection via identification of website identity. In: 2013 International Conference on IT Convergence and Security (ICITCS). IEEE (2013)
Geng, G.-G., et al.: Favicon-a clue to phishing sites detection. eCrime Researchers Summit (eCRS). IEEE (2013)
Wu, L., Du, X., Wu, J.: MobiFish: a lightweight anti-phishing scheme for mobile phones. In: 2014 23rd International Conference on Computer Communication and Networks (ICCCN). IEEE (2014)
PhishTank. http://www.phishtank.com/what_is_phishing
Bottazzi, G., et al.: MP-Shield: a framework for phishing detection in mobile devices. In: 2015 IEEE International Conference on Computer and Information Technology; Ubiquitous Computing and Communications; Dependable, Autonomic and Secure Computing; Pervasive Intelligence and Computing (CIT/IUCC/DASC/PICOM). IEEE (2015)
Mohammad, R.M., Thabtah, F., McCluskey, L.: Intelligent rule-based phishing websites classification. IET Inf. Secur. 8(3), 153–160 (2014)
Mukhopadhyay, S., Argles, D.: An anti-phishing mechanism for single sign-on based on QR-code. In: 2011 International Conference on Information Society (i-Society). IEEE (2011)
Han, W., Wang, Y., Cao, Y., Zhou, J., Wang, L.: Anti-phishing by smart mobile device. In: IFIP International Conference on Network and Parallel Computing - Workshops (2007)
Vibhuti, K.P., et al.: Safe internet browsing using heuristic based technique. Int. J. Eng. Dev. Res. 2, 1759–1766 (2014)
Siddiqui, A.T., Zamani, A.S., Ahmed, J.: Android security model that provide a base operating system. J. Telecommun. 13(1), 36–43 (2012)
PhishTank. What is Phishing? http://www.phishtank.com/what_is_phishing
Wikepedia. Accuracy and Precision. https://en.wikipedia.org/wiki/Accuracy_and_precision
Shaikh, J.S.: Facebook Phishing, 15 August 2015. https://linuxworkgroup.wordpress.com/2015/08/25/facebook-phishing/
Abdelhamid, N.: Multi-label rules for phishing classification. Appl. Comput. Inform. 11(1), 29–46 (2015)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing AG
About this paper
Cite this paper
Chorghe, S.P., Shekokar, N. (2016). A Solution to Detect Phishing in Android Devices. In: Ray, I., Gaur, M., Conti, M., Sanghi, D., Kamakoti, V. (eds) Information Systems Security. ICISS 2016. Lecture Notes in Computer Science(), vol 10063. Springer, Cham. https://doi.org/10.1007/978-3-319-49806-5_25
Download citation
DOI: https://doi.org/10.1007/978-3-319-49806-5_25
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-49805-8
Online ISBN: 978-3-319-49806-5
eBook Packages: Computer ScienceComputer Science (R0)