Defending the weakest link: phishing websites detection by analysing user behaviours

Xun Dong, John A. Clark, Jeremy L. Jacob
2010 Telecommunications Systems  
Phishing detection systems are principally based on the analysis of data moving from phishers to victims. In this paper we describe a novel approach for detecting phishing websites based on analysis of users' online behavioursi.e., the websites users have visited, and the data users have submitted to those websites. Such user behaviours can not be manipulated freely by attackers; detection based on those data can achieve high accuracy whilst being fundamentally resilient against changing deception methods.
doi:10.1007/s11235-009-9247-9 fatcat:xiy2jwwjtbcfrdxq44isaxdzs4