NoFish; Total Anti-Phishing Protection System

Abstract

Phishing attacks have been identified by researchers as one of the major cyber-attack vectors which the general public has to face today. Although many vendors constantly launch new anti-phishing products, these products cannot prevent all the phishing attacks. The proposed solution, “NoFish” is a total anti-phishing protection system created especially for end-users as well as for organizations. This paper proposes a machine learning & computer vision-based approach for intelligent phishing detection. In this paper, a realtime anti-phishing system, which has been implemented using four main phishing detection mechanisms, is proposed. The system has the following distinguishing properties from related studies in the literature: language independence, use of a considerable amount of phishing and legitimate data, real-time execution, detection of new websites, detecting zero hour phishing attacks and use of feature-rich classifiers, visual image comparison, DNS phishing detection, email client plugin and especially the overall system is designed using a level-based security architecture to reduce the time-consumption. Users can simply download the NoFish browser extension and email plugin to protect themselves, establishing a relatively secure browsing environment. Users are more secure in cyberspace with NoFish which depicts a 97% accuracy level.