VisualPhishNet: Zero-Day Phishing Website Detection by Visual Similarity
Sahar Abdelnabi, Katharina Krombholz, Mario Fritz
TL;DR
VisualPhishNet is a novel CNN-based framework that detects zero-day phishing websites through visual similarity, leveraging a large dataset to outperform prior methods and resist evasion tactics.
Contribution
Introduces VisualPhishNet, a new triplet CNN model for visual phishing detection, and presents VisualPhish, the largest dataset for this task, enhancing detection of unseen phishing pages.
Findings
Outperforms previous visual similarity detection methods significantly.
Robust against various evasion attacks.
Effective in detecting zero-day phishing websites.
Abstract
Phishing websites are still a major threat in today's Internet ecosystem. Despite numerous previous efforts, similarity-based detection methods do not offer sufficient protection for the trusted websites - in particular against unseen phishing pages. This paper contributes VisualPhishNet, a new similarity-based phishing detection framework, based on a triplet Convolutional Neural Network (CNN). VisualPhishNet learns profiles for websites in order to detect phishing websites by a similarity metric that can generalize to pages with new visual appearances. We furthermore present VisualPhish, the largest dataset to date that facilitates visual phishing detection in an ecologically valid manner. We show that our method outperforms previous visual similarity phishing detection approaches by a large margin while being robust against a range of evasion attacks.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.