- Title
- Unsupervised authorship analysis of phishing webpages
- Creator
- Layton, Robert; Watters, Paul; Dazeley, Richard
- Date
- 2012
- Type
- Text; Conference proceedings
- Identifier
- http://researchonline.federation.edu.au/vital/access/HandleResolver/1959.17/38296
- Identifier
- vital:4854
- Identifier
-
https://doi.org/10.1109/ISCIT.2012.6380857
- Abstract
- Authorship analysis on phishing websites enables the investigation of phishing attacks, beyond basic analysis. In authorship analysis, salient features from documents are used to determine properties about the author, such as which of a set of candidate authors wrote a given document. In unsupervised authorship analysis, the aim is to group documents such that all documents by one author are grouped together. Applying this to cyber-attacks shows the size and scope of attacks from specific groups. This in turn allows investigators to focus their attention on specific attacking groups rather than trying to profile multiple independent attackers. In this paper, we analyse phishing websites using the current state of the art unsupervised authorship analysis method, called NUANCE. The results indicate that the application produces clusters which correlate strongly to authorship, evaluated using expert knowledge and external information as well as showing an improvement over a previous approach with known flaws. © 2012 IEEE.
- Publisher
- Gold Coast, QLD IEEE
- Rights
- Copyright 2012 IEEE
- Rights
- Open Access
- Rights
- This metadata is freely available under a CCO license
- Subject
- Phishing; Authorship; Cyber-attacks
- Full Text
- Hits: 1614
- Visitors: 1956
- Downloads: 392
Thumbnail | File | Description | Size | Format | |||
---|---|---|---|---|---|---|---|
View Details Download | SOURCE1 | Accepted version | 564 KB | Adobe Acrobat PDF | View Details Download |