Deakin University
Browse

File(s) under permanent embargo

Establishing phishing provenance using orthographic features

conference contribution
posted on 2009-12-28, 00:00 authored by L Ma, John YearwoodJohn Yearwood, P Watters
After phishing message detection, determining the provenance of phishing messages and websites is the second step to tracing cybercriminals. In this paper, we present a novel method to cluster phishing emails automatically using orthographic features. In particular, we develop an algorithm to cluster documents and remove redundant features at the same time. After collecting all the possible features based on observation, we adapt the modified global k-mean method repeatedly, and generate the objective function values over a range of tolerance values across different subsets of features. Finally, we identify the appropriate clusters based on studying the distribution of the objective function values. Experimental evaluation of a large number of computations demonstrates that our clustering and feature selection techniques are highly effective and achieve reliable results.

History

Location

Tacoma, WA

Start date

2009-09-20

End date

2009-10-21

ISBN-13

9781424446261

Publication classification

EN.1 Other conference paper

Title of proceedings

2009 eCrime Researchers Summit, eCRIME '09

Publisher

IEEE

Place of publication

Piscataway, N.J.

Usage metrics

    Research Publications

    Categories

    No categories selected

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC