Advanced evasion attacks and mitigations on practical ML-based phishing website classifiers

Fu Song; Yusi Lei; Sen Chen; Lingling Fan; Yang Liu

首页> 外文期刊>International Journal of Intelligent Systems >Advanced evasion attacks and mitigations on practical ML-based phishing website classifiers

【24h】

Advanced evasion attacks and mitigations on practical ML-based phishing website classifiers

机译：基于实际ML的网络钓鱼网站分类器的高级逃避攻击和缓解

获取原文

获取原文并翻译 | 示例

掌桥外文数据库（机构版） >>

开具论文收录证明 >>

文献代查 >>

页面导航

摘要
著录项
相似文献
相关主题

摘要

Machine learning (ML) based classifiers are vulnerable to evasion attacks, as shown by recent attacks. However, there is a lack of systematic study of evasion attacks on ML-based anti-phishing detection. In this study, we show that evasion attacks are not only effective on practical ML-based classifiers, but can also be efficiently launched without destructing the functionalities and appearance. For this purpose, we propose three mutation-based attacks, differing in the knowledge of the target classifier, addressing a key technical challenge: automatically crafting an adversarial sample from a known phishing website in a way that can mislead classifiers. To launch attacks in the white- and gray-box scenarios, we also propose a sample-based collision attack to gain the knowledge of the target classifier. We demonstrate the efficacy of our evasion attacks on the state-of-the-art, Google's phishing page filter, achieved 100% attack success rate in less than one second per website. Moreover, the transferability attack on BitDe-fender's industrial phishing page classifier, TrafficLight, achieved up to 81.25% attack success rate. We further propose a similarity-based method to mitigate such evasion attacks, Pelican, which compares the similarity of an unknown website with recently detected phishing websites. We demonstrate that Pelican can effectively detect evasion attacks, hence could be integrated into ML-based classifiers. We also highlight two strategies of classification rule selection to enhance the robustness of classifiers. Our findings contribute to design more robust phishing website classifiers in practice.

机译：基于机器学习（ML）的分类器容易受到逃离的攻击，如最近的攻击所示。然而，缺乏对ML的抗网络训练检测的逃避攻击的系统研究。在这项研究中，我们表明逃避攻击不仅有效地对基于实际的基于ML的分类器，而且可以有效地推动，而不会破坏功能和外观。为此目的，我们提出了三种基于突变的攻击，与目标分类器的知识不同，解决了一个关键的技术挑战：自动从一个可以误导分类器的方式从已知的网络钓鱼网站制作对抗性样本。为了在白细胞和灰度方案中发射攻击，我们还提出了一种基于样本的碰撞攻击，以获得目标分类器的知识。我们展示了我们逃离攻击对最先进的谷歌的网络钓鱼页面过滤器的功效，在每位网站不到一秒钟内实现了100％的攻击成功率。此外，对Bitde-Fender的工业网络钓鱼页面分类器，交通的可转移性攻击达到81.25％的攻击成功率。我们进一步提出了一种基于相似性的方法，以减轻这种逃离攻击鹈鹕，这与最近检测到的网络钓鱼网站的未知网站的相似性进行了比较。我们证明鹈鹕可以有效地检测逃离攻击，因此可以集成到基于ML的分类器中。我们还突出了两种分类规则选择策略，以增强分类器的稳健性。我们的调查结果有助于在实践中设计更强大的网络钓鱼网站分类器。

著录项

来源
《International Journal of Intelligent Systems》 |2021年第9期|5210-5240|共31页
作者
Fu Song; Yusi Lei; Sen Chen; Lingling Fan; Yang Liu;
展开▼
作者单位

School of Information Science and Technology ShanghaiTech University Shanghai Pudong China;

School of Information Science and Technology ShanghaiTech University Shanghai Pudong China;

College of Intelligence and Computing School of Cybersecurity Tianjin University Tianjin Jinnan China;

College of Cyber Science Nankai University Tianjin Jinnan China;

School of Computer Science and Engineering Nanyang Technological University Singapore Singapore;

展开▼
收录信息
原文格式 PDF
正文语种 eng
中图分类
关键词
adversarial attacks; adversarial sample detection; machine learning; mutation; phishing website;

机译：对抗性攻击;对抗性样品检测;机器学习;突变;网络钓鱼网站;

相似文献

外文文献
中文文献
专利

1. Detection of phishing attacks in financial and e-banking websites using link and visual similarity relation [J] . Ankit Kumar Jain, B.B. Gupta International journal of information and computer security . 2018,第4期

机译：使用链接和视觉相似关系检测金融和电子银行网站中的网络钓鱼攻击
2. An Ideal Approach for Detection of Phishing Attacks using Na?ve Bayes Classifier [J] . R.Priya International Journal of Computer Trends and Technology . 2016,第2期

机译：使用朴素贝叶斯分类器检测网络钓鱼攻击的理想方法
3. Training to Mitigate Phishing Attacks Using Mindfulness Techniques [J] . Jensen Matthew L., Dinger Michael, Wright Ryan T., Journal of management information systems . 2017,第2期

机译：培训以正念技术缓解网络钓鱼攻击
4. Gradient Correlation: Are Ensemble Classifiers More Robust Against Evasion Attacks in Practical Settings? [C] . Fuyong Zhang, Yi Wang, Hua Wang . 2018

机译：梯度相关：集合分类器在实际环境中对逃避攻击是否更健壮？
5. Categorization of Phishing Detection Features and Using the Feature Vectors to Classify Phishing Websites [D] . Namasivayam, Bhuvana. 2017

机译：对网络钓鱼检测特征的分类，并使用特征向量对网络钓鱼网站进行分类
6. Identifying and Mitigating Phishing Attack Threats in IoT Use Cases Using a Threat Modelling Approach [O] . Syed Ghazanfar Abbas, Ivan Vaccari, Faisal Hussain, 2021

机译：使用威胁建模方法识别和减轻物联网用例中的网络钓鱼攻击威胁
7. Phishing Website Detection Using Machine Learning Classifiers Optimized by Feature Selection [O] . Dželila Mehanović, Jasmin Kevrić 2020

机译：网络钓鱼网站检测使用通过特征选择优化的机器学习分类器

Advanced evasion attacks and mitigations on practical ML-based phishing website classifiers

摘要

著录项

相似文献

相关主题

期刊订阅