Phishing sites defraud users by imitating legitimate web pages. Because the imitation is so close to the original, users have difficulty telling the legitimate site from the phishing site and, without noticing, hand their personal information to the phishing site; the people behind it can then use that information for identity theft, theft of funds and other illegal acts. Most existing phishing-detection tools distinguish phishing pages from legitimate ones by analyzing the page source code, but if a phishing site replaces its text with static images, these text-analysis tools have trouble identifying it. This thesis uses the page title as the keyword for a web search engine, treats the returned pages as a whitelist, and compares the suspect page's screenshot and domain against those of the search results, so no separate blacklist has to be built. It additionally computes the proportion of the page's links that point to external domains as a further check on whether the site is legitimate. Tested on phishing sites collected by the anti-phishing organization PhishTank.com, the method identifies 96% of phishing sites.
Phishing is an attack that tries to deceive users into believing that a phishing site is a legitimate web page. Phishing pages are usually designed to look almost identical to the official pages in layout and content, and phishers use them to trick users into revealing sensitive or private information such as bank account or credit card numbers. Many anti-phishing techniques have been proposed, and most rely on analysis of text features such as HTML code blocks or URL addresses. Anti-phishing tools that use only text-based analysis therefore have difficulty correctly detecting phishing pages that replace static text content with pictures. In this thesis, the web page title is used as the keyword for a search engine such as Google to find relevant, legitimate pages; these results serve as a whitelist against which the suspect page's domain and appearance are compared when deciding whether it is a phishing page. We also use the proportion of a page's outgoing links that point to external domains as a second factor for determining phishing pages. We evaluated our method on phishing pages from PhishTank.com as test data, and the results show that it correctly identifies 96% of the phishing sites.
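The two abstracts above describe the detection procedure in prose: search on the page title, treat the result domains as a whitelist, check whether the suspect page's domain is in it, and use the share of links pointing to other domains as a second signal. The following is an added example written for this page, not code from the thesis, that implements those two text-side checks end to end. The search engine is replaced by a constructed in-memory index (the real method queries a live engine), the screenshot comparison step is omitted, the registered-domain helper is a simplification (last two host labels, not the Public Suffix List), and the rule combining the two signals into a verdict is an assumption, since the thesis does not state its exact decision rule. All URLs, page titles and HTML are constructed sample data.

```python
"""Title-search whitelist plus external-link ratio: an added illustration of the
detection idea, not the thesis's own code. Sample pages and search results are
constructed for the example."""
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse


class _PageInfo(HTMLParser):
    """Collects the <title> text and every <a href="..."> value in a document."""

    def __init__(self):
        super().__init__()
        self.title = ""
        self.links = []
        self._in_title = False

    def handle_starttag(self, tag, attrs):
        if tag == "title":
            self._in_title = True
        elif tag == "a":
            href = dict(attrs).get("href")
            if href:
                self.links.append(href)

    def handle_endtag(self, tag):
        if tag == "title":
            self._in_title = False

    def handle_data(self, data):
        if self._in_title:
            self.title += data


def parse_page(html):
    """Return (normalized title, list of raw hrefs) for an HTML document."""
    p = _PageInfo()
    p.feed(html)
    return " ".join(p.title.split()), p.links


def registered_domain(url):
    """Last two host labels, e.g. 'examplebank.com'. Simplification (assumption):
    production code should use the Public Suffix List so 'bank.co.uk' is handled."""
    host = (urlparse(url).hostname or "").lower()
    labels = host.split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host


def external_link_ratio(page_url, hrefs):
    """Fraction of http(s) links whose registered domain differs from the page's own.
    Phishing copies of a brand's page typically keep the brand's absolute links,
    so most of their links point away from the phishing host."""
    own = registered_domain(page_url)
    targets = [urljoin(page_url, h) for h in hrefs]  # resolves relative hrefs
    web = [u for u in targets if urlparse(u).scheme in ("http", "https")]
    if not web:
        return 0.0
    external = sum(1 for u in web if registered_domain(u) != own)
    return external / len(web)


def classify(page_url, html, search, threshold=0.5):
    """search(title) -> list of result URLs (the search engine). Decision rule is an
    assumption: both signals fire -> 'phishing', one -> 'suspicious', none -> 'legitimate'."""
    title, hrefs = parse_page(html)
    whitelist = {registered_domain(u) for u in search(title)}  # result domains only
    off_whitelist = registered_domain(page_url) not in whitelist
    ratio = external_link_ratio(page_url, hrefs)
    fired = int(off_whitelist) + int(ratio >= threshold)
    return {
        "title": title,
        "whitelist": sorted(whitelist),
        "off_whitelist": off_whitelist,
        "external_link_ratio": round(ratio, 2),
        "verdict": ("legitimate", "suspicious", "phishing")[fired],
    }


# Constructed stand-in for the search engine: canned results keyed by query title.
_SEARCH_INDEX = {
    "ExampleBank Online Banking - Sign In": [
        "https://www.examplebank.com/login",
        "https://www.examplebank.com/",
        "https://help.examplebank.com/faq/signing-in",
    ],
}


def fake_search(title):
    return _SEARCH_INDEX.get(title, [])


# Constructed sample pages: the genuine login page and a copy hosted elsewhere.
LEGIT_URL = "https://www.examplebank.com/login"
LEGIT_HTML = """<html><head><title>ExampleBank Online Banking - Sign In</title></head>
<body><a href="/">Home</a><a href="/accounts">Accounts</a>
<a href="https://help.examplebank.com/faq">Help</a><a href="#top">Top</a>
<form action="/login"><input name="user"><input name="pass" type="password"></form>
</body></html>"""

PHISH_URL = "http://examplebank-secure.login-verify.example/login.php"
PHISH_HTML = """<html><head><title>ExampleBank Online Banking - Sign In</title></head>
<body><a href="https://www.examplebank.com/">Home</a>
<a href="https://www.examplebank.com/accounts">Accounts</a>
<a href="https://help.examplebank.com/faq">Help</a>
<a href="https://www.examplebank.com/privacy">Privacy</a><a href="login.php">Retry</a>
<form action="collect.php"><input name="user"><input name="pass" type="password"></form>
</body></html>"""

if __name__ == "__main__":
    print(classify(LEGIT_URL, LEGIT_HTML, fake_search))
    print(classify(PHISH_URL, PHISH_HTML, fake_search))
```

The phishing copy keeps the brand's absolute links, so four of its five links leave the hosting domain (ratio 0.8) and its domain is absent from the title-search whitelist, which fires both signals; the genuine page's links all resolve to examplebank.com and its domain is in the whitelist. Because the whitelist is built from the search results for the suspect page's own title, an attacker who changes the title to avoid the brand's results simply produces a page whose title no longer matches what the user expects, which is the trade-off the method relies on.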