本文已被:浏览 1221次 下载 1963次
Received:January 12, 2016 Revised:February 29, 2016
Received:January 12, 2016 Revised:February 29, 2016
中文摘要: 网络钓鱼是一种在线欺诈行为,它利用钓鱼网页仿冒正常合法的网页,窃取用户敏感信息从而达到非法目的.提出了基于集成学习的钓鱼网页深度检测方法,采用网页渲染来应对常见的页面伪装手段,提取渲染后网页的URL信息特征、链接信息特征以及页面文本特征,利用集成学习的方法,针对不同的特征信息构造并训练不同的基础分类器模型,最后利用分类集成策略综合多个基础分类器生成最终的结果.针对PhishTank钓鱼网页的检测实验表明,本文提出的检测方法具有较好的准确率与召回率.
Abstract:Phishing is a kind of online fraud that combines social engineering techniques and sophisticated attack vectors to steal the users' sensitive information to achieve the illegal purpose. In order to detect phishing web pages quickly and efficiently, this paper presents a model for depth detection of phishing web pages based on ensemble learning. The model uses page rendering to deal with common page camouflage, extract several sensitive features including URL and domain features, link and reference information, and contents of text messages; and then constructs and trains several base learning models with ensemble learning method using the features above; finally, generates the final result with base models using classification and integration method. Experiments on PhishTank indicate that the detection model this paper proposed has good accuracy and recall rate.
keywords: phishing detect ensemble learning feature extract
文章编号: 中图分类号: 文献标志码:
基金项目:国家高技术研究计划(863)(2015AA016006);国家自然科学基金(61303248,U1536106);北京市自然科学基金(4144089);信息网络安全公安部重点实验室开放课题(C15604)
引用文本:
冯庆,连一峰,张颖君.基于集成学习的钓鱼网页深度检测系统.计算机系统应用,2016,25(10):47-56
FENG Qing,LIAN Yi-Feng,ZHANG Ying-Jun.Depth Detection System for Phishing Web Pages Based on Ensemble Learning.COMPUTER SYSTEMS APPLICATIONS,2016,25(10):47-56
冯庆,连一峰,张颖君.基于集成学习的钓鱼网页深度检测系统.计算机系统应用,2016,25(10):47-56
FENG Qing,LIAN Yi-Feng,ZHANG Ying-Jun.Depth Detection System for Phishing Web Pages Based on Ensemble Learning.COMPUTER SYSTEMS APPLICATIONS,2016,25(10):47-56
