Title

Lexical URL Analysis for Discriminating Phishing and Legitimate E-Mail Messages

Document Type

Conference Proceeding

Publisher

IEEE

Editor(s)

Charles Shoniregun

Faculty

Faculty of Computing, Health and Science

School

School of Computer and Security Science / Security Research Centre (secAU)

RAS ID

12290

Comments

This article was originally published as: Khonji, M., Iraqi, Y., & Jones, A. (2011). Lexical URL Analysis for Discriminating Phishing and Legitimate E-Mail Messages. Paper presented at the International Conference for Internet Technology and Secured Transactions (ICITST). Abu Dhabi, UAE. Original article available here

Abstract

Phishing emails contain socially engineered messages to lure victims into performing certain actions, such as clicking on a URL where a phishing website is hosted, or executing a malware code. In a previous study, we proposed a lexical URL analysis approach for detecting phishing websites. In this study, we extend the approach to the phishing email classification domain. The primary motive behind this study is that most phishing email messages contain URLs that point to phishing websites, and lexically analyzing the URLs can enhance the classification accuracy of email messages. As evaluated in this study, the addition of URL lexical analysis in phishing email classification is effective and results in a highly accurate anti-phishing email classifier.