長短期記憶神經網路於釣魚網站預測之研究

以作者查詢圖書館館藏

、以作者查詢臺灣博碩士

、以作者查詢全國書目

、勘誤回報

、線上人數：90

、訪客IP：3.145.151.141

姓名

林峯慶(Fong-Ching Lin) 查詢紙本館藏

畢業系所

資訊管理學系在職專班

論文名稱

長短期記憶神經網路於釣魚網站預測之研究

相關論文

★ 台灣50走勢分析：以多重長短期記憶模型架構為基礎之預測	★ 以多重遞迴歸神經網路模型為基礎之黃金價格預測分析
★ 增量學習用於工業4.0瑕疵檢測	★ 遞回歸神經網路於電腦零組件銷售價格預測之研究
★ 基於深度學習辨識跳頻信號之研究	★ Opinion Leader Discovery in Dynamic Social Networks
★ 深度學習模型於工業4.0之機台虛擬量測應用	★ A Novel NMF-Based Movie Recommendation with Time Decay
★ 以類別為基礎sequence-to-sequence模型之POI旅遊行程推薦	★ A DQN-Based Reinforcement Learning Model for Neural Network Architecture Search
★ Neural Network Architecture Optimization Based on Virtual Reward Reinforcement Learning	★ 生成式對抗網路架構搜尋
★ 以漸進式基因演算法實現神經網路架構搜尋最佳化	★ Enhanced Model Agnostic Meta Learning with Meta Gradient Memory
★ 遞迴類神經網路結合先期工業廢水指標之股價預測研究	★ A Novel Reinforcement Learning Model for Intelligent Investigation on Supply Chain Market

檔案

[Endnote RIS 格式]

[Bibtex 格式]

[相關文章]

[文章引用]

[完整記錄]

[館藏目錄]

至系統瀏覽論文 ( 永不開放)

摘要(中)

自從2020年全球受到Covid-19影響，民眾對非接觸式的數位交易需求增加，許多服務由實體轉至雲端，網路上的金融交易量大幅增加，居家上班的工作型態，也讓公司的機敏資料暴露在更容易受到攻擊的環境之下，網路釣魚在 2020 年開始呈現急速成長，至2021年底以成長兩倍。傳統的釣魚網站攻擊檢測模型依賴啟發式規則尋找特徵，結合機器學習進行預測，本研究想要提出一種模型來補足傳統模型的功能。
本研究提出一種使用長短期記憶神經網路(long short term memory，LSTM)和啟發式規則的混合特徵模組，該模組以啟發式規則收集重要特徵，再以LSTM萃取網址特徵彌補啟發式規則的弱點，最後使用類神經網路(Neural Network，NN)進行預測。實驗中發現LSTM確實能找出潛藏的特徵以輔助模型進行更準確的釣魚網站預測，準確度(ACC)為0.997。

摘要(英)

Since the global impact of Covid-19 in 2020, the demand for contactless digital transactions has increased, many services have moved from the physical to the cloud, financial transactions on the Internet have increased dramatically, and the work-from-home work style has exposed companies′ sensitive data to a more vulnerable environment. The number of phishing attacks will begin to grow rapidly in 2020 and will increase twofold by the end of 2021. Traditional phishing attack detection models rely on heuristic rules to find features and combine with machine learning to make predictions.
This study proposes a hybrid feature module using long short term memory (LSTM) and heuristic rules. The module collects important features with heuristic rules, and then uses LSTM to extract URL features to supplement the heuristic rules. Weaknesses, and finally use a neural network (Neural Network, NN) for prediction. In the experiment, it is found that LSTM can indeed find hidden features to assist the model to make more accurate predictions of phishing websites, with an accuracy (ACC) of 0.997.

關鍵字(中)

★ 網路釣魚
★ 長短期記憶網路
★ 神經網路
★ 機器學習
★ 深度學習

關鍵字(英)

★ Phishing
★ LSTM
★ Neural Network
★ machine learning
★ deep learning

論文目次

第 1 章緒論 5
1-1 研究背景 5
1-2 研究動機與目的 8
1-3 研究貢獻 10
1-4 論文流程與架構 10
第 2 章文獻探討 12
2-1 網頁特徵 12
2-2 網路釣魚檢測方式 16
第 3 章研究方法 23
3-1 模型架構 23
3-2 資料前處理 24
3-3 特徵選取模組 25
3-3-1 網址特徵模組 25
3-3-2 網域特徵模組 27
3-3-4 LSTM特徵模組 29
3-4 模型訓練 35
第 4 章實驗結果 36
4-1 實驗環境與資料集 36
4-2 評估方法 37
4-3 模型準確度比較 39
4-4 混合型特徵模組效能之驗證 39
4-5 參數設定對模型影響之實驗 41
4-5-1 Hidden layer參數調整 41
4-5-2 Neurons參數調整 41
4-5-3 Epochs參數調整 42
4-5-4 Learning rate參數調整 43
4-5-5 Batch參數調整 43
4-6 實驗總結 45
第 5 章結論 46
5-1 研究總結 46
5-2 研究限制 46
5-3 未來研究方向 46
參考文獻 48

參考文獻

[1] Verizon 2021 Data Breach Investigations Report (DBIR). (2021). (https://www.verizon.com/business/resources/reports/2021/2021-data-breach-investigations-report.pdf)
[2] APWG. (2021). PHISHING ACTIVITY TRENDS REPORT. (https://docs.apwg.org/reports/apwg_trends_report_q4_2021.pdf)
[3] Check Point. (2022). Cyber Attack Trends In The Midst Of Warfare – The numbers behind the first days of the conflict. (https://blog.checkpoint.com/2022/02/27/196-increase-in-cyber-attacks-on-ukraines-government-and-military-sector/)
[4] Mohammad, R. M., Thabtah, F., & McCluskey, L. (2015). Phishing websites features. School of Computing and Engineering, University of Huddersfield.
[5] Rao, R. S., & Pais, A. R. (2019). Detection of phishing websites using an efficient feature-based machine learning framework. Neural Computing and Applications, 31(8), 3851-3873.
[6] WHOIS, (https://www.whois365.com/tw/)
[7] Google safe browsing api, (https://transparencyreport.google.com/safe-browsing/overview)
[8] Sheng, S., Wardman, B., Warner, G., Cranor, L., Hong, J., & Zhang, C. (2009). An empirical analysis of phishing blacklists.
[9] Zhang, Y., Hong, J. I., & Cranor, L. F. (2007, May). Cantina: a content-based approach to detecting phishing web sites. In Proceedings of the 16th international conference on World Wide Web (pp. 639-648).
[10] Xiang, G., Hong, J., Rose, C. P., & Cranor, L. (2011). Cantina+ a feature-rich machine learning framework for detecting phishing web sites. ACM Transactions on Information and System Security (TISSEC), 14(2), 1-28..
[11] Almseidin, M., Alkasassbeh, M., Alzubi, M., & Al-Sawwa, J. (2022). Cyber-Phishing Website Detection Using Fuzzy Rule Interpolation. Cryptography, 6(2), 24.
[12] Mao, J., Tian, W., Li, P., Wei, T., & Liang, Z. (2017). Phishing-alarm: robust and efficient phishing detection via page component similarity. IEEE Access, 5, 17020-17030..
[13] 黃冠龍,(2019), 特定企業之視覺化釣魚網站偵測, 國立台灣科技大學電機工程系碩士學位論文.
[14] Breiman, L. (2001). Random forests. Machine learning, 45(1), 5-32.
[15] Moghimi, M., & Varjani, A. Y. (2016). New rule-based phishing detection method. Expert systems with applications, 53, 231-242.
[16] Hochreiter, S., & Schmidhuber, J. (1997). Long short-term memory. Neural computation, 9(8), 1735-1780.
[17] Fang, Y., Long, X., Huang, C., & Liu, L. (2018). Research on Classifying Phishing URLs Using Hybrid Architecture of LSTM and Random Forest. Gongcheng Kexue Yu Jishu/Advanced Engineering Science, 50(September 2018), 196-201.
[18] Al-Daeef, M. M., Basir, N., & Saudi, M. M. (2021). URL’s Folder Name Length as a Phishing Detection Feature. In Proceedings of Fifth International Congress on Information and Communication Technology (pp. 326-333). Springer, Singapore.
[19] APWG. (2021). APWG Q2 Cybercrime Report: Phishing Sustains Elevated ′New Normal′ Attack Volume Into the Middle of 2021, (http://docs.apwg.org/reports/apwg_trends_report_q2_2021.pdf).
[20] Chung, J., Gulcehre, C., Cho, K., & Bengio, Y. (2014). Empirical evaluation of gated recurrent neural networks on sequence modeling. arXiv preprint arXiv:1412.3555.
[21] Janiesch, C., Zschech, P., & Heinrich, K. (2021). Machine learning and deep learning. , 31(3), 685-695.
[22] PhishTank, (https://www.phishtank.com/)
[23] Marchal, S., François, J., State, R., & Engel, T. (2014). PhishStorm: Detecting phishing with streaming analytics. IEEE Transactions on Network and Service Management, 11(4), 458-471.
[24] The Canadian Institute for Cybersecurity. (2016). ISCX-URL 2016, University of New Brunswick.
[25] 施淳譯. (2020). 基於類神經網路之釣魚網站辨識系統.
[26] Aburrous, M., Hossain, M. A., Dahal, K., & Thabtah, F. (2010). Intelligent phishing detection system for e-banking using fuzzy data mining. Expert systems with applications, 37(12), 7913-7921.
[27] Paliwal, S., Anand, D., & Khan, S. (2016). Application of Rule based Fuzzy Inference System in Prediction of Internet Phishing. International Journal of Computer Applications, 148(14).
[28] Pan, Y., & Ding, X. (2006, December). Anomaly based web phishing page detection. In 2006 22nd Annual Computer Security Applications Conference (ACSAC′06) (pp. 381-392). IEEE.
[29] Whittaker, C., Ryner, B., & Nazif, M. (2010). Large-scale automatic classification of phishing pages.
[30] He, M., Horng, S. J., Fan, P., Khan, M. K., Run, R. S., Lai, J. L., ... & Sutanto, A. (2011). An efficient phishing webpage detector. Expert systems with applications, 38(10), 12018-12027.
[31] Aggarwal, A., Rajadesingan, A., & Kumaraguru, P. (2012, October). PhishAri: Automatic realtime phishing detection on twitter. In 2012 eCrime Researchers Summit (pp. 1-12). IEEE.
[32] Zhang, D., Yan, Z., Jiang, H., & Kim, T. (2014). A domain-feature enhanced classification model for the detection of Chinese phishing e-Business websites. Information & Management, 51(7), 845-853..
[33] Gowtham, R., & Krishnamurthi, I. (2014). A comprehensive and efficacious architecture for detecting phishing webpages. Computers & Security, 40, 23-37.
[34] Mohammad, R. M., Thabtah, F., & McCluskey, L. (2014). Predicting phishing websites based on self-structuring neural network. Neural Computing and Applications, 25(2), 443-458..
[35] Sahingoz, O. K., Buber, E., Demir, O., & Diri, B. (2019). Machine learning based phishing detection from URLs. Expert Systems with Applications, 117, 345-357.
[36] Jeeva, S. C., & Rajsingh, E. B. (2016). Intelligent phishing url detection using association rule mining. Human-centric Computing and Information Sciences, 6(1), 1-19.
[37] Brandon Rohrer. (2017). How Recurrent Neural Networks and Long Short-Term Memory Work, (https://e2eml.school/how_rnns_lstm_work.html).
[38] Wang, X., Liu, Y., Sun, C. J., Wang, B., & Wang, X. (2015, July). Predicting polarities of tweets by composing word embeddings with long short-term memory. In Proceedings of the 53rd Annual Meeting of the Association for Computational Linguistics and the 7th International Joint Conference on Natural Language Processing (Volume 1: Long Papers) (pp. 1343-1353).
[39] BiObserver, CC BY-SA 4.0, WIKI
(https://commons.wikimedia.org/w/index.php?curid=43992484)
[40] 洪慕藍. (2019). 以機器學習演算法探討網路釣魚網站之特徵值. 南臺科技大學資訊管理系碩士學位論文.
[41] Zhang, X., Yan, Z., Li, H., & Geng, G. (2017). Research of phishing detection technology. Chinese Journal of Network and Information Security, 3(7), 7-24.

指導教授

陳以錚(Ejen Chen)

審核日期

2022-7-7

推文