Thesis 104552011 Detailed Information

Name: 黃頌茜 (HUANG SUNG-CHIEN)   Department: In-service Master's Program, Department of Computer Science and Information Engineering
(Detecting Phishing Websites Based on Webpage Content Features of Page Jumping)
Files: Full text available for viewing in the system after 2027-1-31
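Abstract (Chinese) Phishing attacks combine web technologies with social engineering techniques and are an important part of hacker attacks; the first step of many cyber-attacks is a phishing email. Early indiscriminate attacks have gradually turned into "spear-phishing", in which emails are carefully crafted for specific targets: a highly targeted attack sent in small volume. Hackers single out important people and organizations and send them emails whose body carries text links, file links, or image links, luring users into clicking and leading them to a phishing website set up by the hacker. To increase the site's credibility, its appearance is also almost identical to that of the corresponding legitimate website, so that unwary users enter personal information such as account names, passwords, and bank account details.

Spear-phishing is mainly a targeted attack: there are no large numbers of victims, the number of reported samples is insufficient, and analysis takes time. Phishing websites in this type of attack closely imitate legitimate websites and are short-lived; by the time one is reported, the site no longer exists, which makes timely detection difficult. This thesis therefore proposes a method that analyzes phishing websites which are almost identical to legitimate websites and which involve entering personal information. It uses their Page Jumping behavior to perform "Time-of-Click Analysis", finding the phishing target in advance, before the user submits sensitive personal information from the webpage, and finally determining whether the site is a phishing website.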
Abstract (English) Phishing is a form of social engineering attack combined with web development techniques. It is one of the important steps in cyber-attacks: many cyber-attacks start from phishing emails. The early indiscriminate attacks have gradually transformed into "spear-phishing", in which emails are well crafted for very specific targets. It is a highly targeted attack with a small number of mailings. Hackers single out important people and organizations and send them emails. Linked text, files, or pictures included in the email body trick users into clicking through to phishing websites created by the hackers. To get people to trust the website, its appearance is almost identical to that of the corresponding legitimate website. This causes users to lower their guard and give away personal information such as account numbers, passwords, and bank account information.

"Spear-phishing" is a more targeted form of phishing. There are no mass victims, the number of reported samples is insufficient, and analysis takes quite a while. These phishing websites closely imitate legitimate websites. In addition, their uptime is short: they are blocked to protect users as soon as they are reported as malicious sites. This makes them difficult to detect in real time. Therefore, in this paper we propose a method to analyze phishing websites that are almost identical to legitimate websites and that involve entering personal information. We use their Page Jumping behavior to achieve "Time-of-Click Analysis": before sensitive information is sent from the webpage, we find the final target in advance. Finally, we can determine whether it is a phishing website.
Keywords (Chinese) ★ spear-phishing
★ page jumping
★ phishing target
Keywords (English) ★ spear-phishing
★ page jumping
★ phishing target
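Table of Contents
Abstract (Chinese)
Abstract
Acknowledgements
Contents
List of Figures
List of Tables
Chapter 1 Introduction
Chapter 2 Background
2.1 Phishing Attack Techniques
2.1.1 Text Hyperlinks
2.1.2 File Attachment Hyperlinks
2.1.3 Open Redirection
2.1.4 URL Shortening Services
2.1.5 Google Docs Document Sharing
2.1.6 Bypassing the "OTP" Authentication Mechanism
2.2 "Spear-phishing" Attack Flow
Chapter 3 Literature Review
3.1 Blacklists
3.2 Use of Website Analysis Software
3.3 Web Browser Security Warnings
3.4 Checking URL Authenticity
3.5 Inspecting Webpage Source Code
Chapter 4 System Design and Implementation
4.1 System Architecture
4.2 Unescape Decoder
4.3 HTML form
4.4 HTML frame, iframe
4.5 JavaScript window.location
4.6 jQuery AJAX:post
4.7 HTML <a href="URL">
Chapter 5 Experimental Analysis
5.1 Development Tools and Deployment Environment
5.2 System Implementation
5.3 Analysis and Evaluation
Chapter 6 Discussion
6.1 Limitations
6.2 Future Work
Chapter 7 Conclusion
References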
Advisor: 許富皓 (Fu-Hau Hsu)   Approval date: 2022-1-19

For questions about this thesis, please contact the Extension Services Section of the National Central University Library, TEL: (03)422-7151 ext. 57407, or by e-mail.