以作者查詢圖書館館藏

、以作者查詢臺灣博碩士

、以作者查詢全國書目

、勘誤回報

、線上人數：160

、訪客IP：3.139.103.163

姓名	蔡秉峻(Ping-Chun Tsai)  查詢紙本館藏	畢業系所	資訊工程學系
論文名稱	PWDFP:一種透過虛偽密碼來偵測釣魚網站的方式 (PWDFP : Phishing Webpage Detector based on Fake Passwords)
相關論文	★ USB WORM KILLER: Cure USB Flash Worms Through a USB Flash Worm ★ Discoverer- Rootkit即時偵測系統 ★ 一項Android手機上詐騙簡訊的偵測與防禦機制 ★ SRA系統防禦ARP欺騙劫持路由器 ★ A Solution for Detecting and Defending ARP Spoofing on Virtual Machines ★ 針對遠端緩衝區溢位攻擊之自動化即時反擊系統 ★ 即時血清系統: 具攻性防壁之自動化蠕蟲治癒系統 ★ DNSPD: Entrap Botnets Through DNS Cache Poisoning Detection ★ TransSQL: A Translation and Validation-based Solution for SQL-Injection Attacks ★ A Spam Mail-based Solution for Botnet Detection and Network Bandwidth Protection ★ Shark: Phishing Information Recycling from Spam Mails ★ FFRTD: Beat Fast-Flux by Response Time Differences ★ Antivirus Software Shield against Antivirus Terminators ★ MAC-YURI : My ACcount, YoUr ResponsIbility ★ KKBB: Kernel Keylogger Bye-Bye ★ CIDP Treatment: An Innovative Mobile Botnet Covert Channel based on Caller IDs with P8 Treatment
檔案	[Endnote RIS 格式]    [Bibtex 格式]    [相關文章]   [文章引用]   [完整記錄]   [館藏目錄]   至系統瀏覽論文 (2029-6-30以後開放)
摘要(中)	近年來，釣魚網站（Phishing Websites）已成為網路安全中的重大威脅，對個人和組織的資料安全造成了嚴重威脅。釣魚網站是指那些偽裝成合法網站，試圖從用戶那裡獲取敏感訊息，如帳戶密碼、信用卡號碼等，以進行非法活動的網站。它們通常利用欺騙性的手段，例如偽造的登入頁面和欺騙性的電子郵件，誘導用戶進行點擊和操作，從而竊取信息或安裝惡意軟體。 為了應對這一問題，此系統提出了一種新的釣魚網站檢測方法，該方法結合了登入前和登入後畫面的分析，以提高釣魚網站偵測的準確性，若無法透過登入前後畫面來識別是否為釣魚網站，則先把登入前後的原始碼做篩選，保留需要的程式碼當成AI方法的輸入，再由AI去判斷是否為釣魚網站，本研究的目標是開發出一種全面而有效的釣魚網站檢測系統，幫助用戶識別和防止釣魚網站的攻擊，從而保護個人和組織的資料安全。
摘要(英)	In recent years, phishing websites have become a significant threat in the realm of cybersecurity, posing severe risks to the data security of individuals and organizations. Phishing websites are those that masquerade as legitimate sites, attempting to obtain sensitive information from users, such as account passwords and credit card numbers, for illicit activities. These sites often employ deceptive tactics, such as fake login pages and misleading emails, to trick users into clicking and interacting, thereby stealing information or installing malware. To address this issue, this system proposes a novel phishing website detection method that combines the analysis of pre-login and post-login screens to enhance the accuracy of phishing site detection. If it is not possible to identify a phishing site through the analysis of pre-login and post-login screens, the system will filter the source code before and after login, retaining the necessary code as input for an AI method, which will then determine whether the site is a phishing website. The objective of this research is to develop a comprehensive and effective phishing website detection system that helps users identify and prevent phishing attacks, thereby protecting the data security of individuals and organizations.
關鍵字(中)	★ 釣魚網站 ★ 人工智慧	關鍵字(英)	★ Phishing website ★ AI
論文目次	中文摘要 i Abstract ii Acknowledgments iv Table of Contents vi List of Figures viii List of Tables ix Chapter I. Introduction 1 Chapter II. Background 3 2.1 GPT-4-1106-Preview 3 2.1.1 Self-supervised learning 4 2.1.2 Supervised Learning 5 2.1.3 Reinforcement Learning 7 2.2 Phishing attacks 8 2.2.1 Types of Phishing Attacks 10 2.2.2 Phishing Attack Prevention 11 Chapter III. Related Work 12 3.1 Methods Based on Deep Learning 13 3.2 Existing Phishing Website Detection Methods 15 3.2.1 Blacklist-based Methods 15 3.2.2 Classification-based Methods 16 3.2.3 Reference-based Methods 18 Chapter IV. System Design 20 4.1 Goal 20 4.2 System Architecture and Flowchart 22 4.3 Classification of Phishing Website Login Results 25 Chapter V. Evaluation 34 5.1 Implementation Environment 34 5.2 System Accuracy Testing 35 5.2.1 Method Two Accuracy 41 5.2.2 Method Three Accuracy 44 5.2.3 Comparison of Method Two and Method Three 47 Chapter VI. Discussion 48 6.1 Limitations 48 6.2 Future Work 49 Chapter VII. Conclusion 50 Chapter VIII. References 52
參考文獻	[1] OpenAI, “Gpt-4-1106-preview.” Available at: https://platform.openai.com/docs/models. [2] Trendmicro, “What is phishing?.” Available at: https://www.trendmicro.com/zh_tw/what-is/phishing.html [3] R. Liu, Y. Lin, X. Yang, S. H. Ng, D. M. Divakaran, and J. S. Dong, “Inferring phishing intention via webpage appearance and dynamics: A deep vision based approach,” Aug. 2022. Available at: https://www.usenix.org/conference/usenixsecurity22/presentation/liu-ruofan [4] S. Bell and P. Komisarczuk, “An analysis of phishing blacklists: Google safe browsing, openphish, and phishtank,” 2020. Available at: https://dl.acm.org/doi/10.1145/3373017.3373020. [5] R. Verma and K. Dyer, “On the character of phishing urls: Accurate and robust statistical learning classifiers,” 2015. Available at: https://dl.acm.org/doi/10.1145/2699026.2699115 [6] A. P. E. Rosiello, E. Kirda, C. Kruegel, and F. Ferrandi, “A layout-similarity-based approach for detecting phishing pages,” 2007. Available at: https://ieeexplore.ieee.org/document/4550367 [7] Tines, “phishstats.” Available at: https://phishstats.info/ [8] Semrush, “Open.trends.” Available at: https://zh.semrush.com/trending-websites/global/all [9] Y. Lin, R. Liu, D. M. Divakaran, J. Y. Ng, Q. Z. Chan, Y. Lu, Y. Si, F. Zhang, and J. S. Dong, “Phishpedia: A hybrid deep learning based approach to visually identify phishing webpages,” Aug. 2021. Available at: https://www.usenix.org/conference/usenixsecurity21/presentation/lin.
指導教授	許富皓(Fu-Hau Hsu)	審核日期	2024-7-18
推文	facebook   plurk   twitter   funp   google   live   udn   HD   myshare   reddit   netvibes   friend   youpush   delicious   baidu
網路書籤	Google bookmarks   del.icio.us   hemidemi   myshare