ARCHIVES

In this modern society where technologies are gradually increasing, Internet and browsing acts as a very crucial form of information delivery. Threat Attackers use this to their advantage to lure users into harmful websites that steals user’s personal information and that leads to most of the cybercrimes. Phishing acts as prevalent cyberattack which results in loss of sensitive information and financial losses. Old detection techniques involve mostly static indications like URL analysis and blacklist matching, but nowadays attackers are brilliantly tackling these detections by constantly evolving their phishing patterns and their schemes. Even though people are more aware so are these attackers in creating such fake sites exactly like an influential website and other mainstream sites. This confuses the people and leads to attackers gaining the data of users to use it in cybercrimes like identity theft. Most of the users get scammed by the interface of the website, because it seems more like a genuine website with proper logo and the login panel and also with no glitch in the website. Even if people hesitate to enter their details when they are unsure of the legitimacy of a site and try to verify using basic techniques, they can only detect sites that are already in their databases so sophisticated and zero-day exploits can easily these types of detection. In this paper, a prototype of the behavioural cue-based detection system is developed in order to handle such issues. This system examines the interactive behaviour of the user while they are accessing both regular web pages and login pages to detect the possibility of a phishing attempt by taking multiple data metrics such as mouse movements, click movements, click patterns, scrolling activity, keystrokes and time spent to reach to a conclusion. These data metrics are processed and classified using a Random forest machine learning model to categorize them as legitimate or phishing. A real time web based protype with a frontend-backend structure is used to make a web interface to demonstrate the use of this detection system.