Track: Security, Privacy, Reliability and Ethics
CANTINA: A Content-Based Approach to Detecting Phishing Web Sites
- Yue Zhang (University of Pittsburgh)
- Jason Hong (Carnegie Mellon University)
- Lorrie Cranor (Carnegie Mellon University)
Phishing is a significant problem involving fraudulent email and web sites that trick unsuspecting users into revealing private information. In this paper, we present the design, implementation, and evaluation of CANTINA, a novel, content-based approach to detecting phishing web sites, based on the well-known TF-IDF algorithm used in information retrieval. We also discuss the design and evaluation of several heuristics we developed to reduce our false positive rates. Our experiments show that CANTINA is good at detecting phishing sites, correctly labeling approximately 95% of phishing sites.