| |||||||
ShanghaiTech University Knowledge Management System
| Advanced evasion attacks and mitigations on practical ML-based phishing website classifiers | |
| 2021-09 | |
| 发表期刊 | INTERNATIONAL JOURNAL OF INTELLIGENT SYSTEMS (IF:5.0[JCR-2023],5.9[5-Year]) |
| ISSN | 0884-8173 |
| EISSN | 1098-111X |
| 卷号 | 36期号:9页码:5210-5240 |
| DOI | 10.1002/int.22510 |
| 摘要 | Machine learning (ML) based classifiers are vulnerable to evasion attacks, as shown by recent attacks. However, there is a lack of systematic study of evasion attacks on ML-based anti-phishing detection. In this study, we show that evasion attacks are not only effective on practical ML-based classifiers, but can also be efficiently launched without destructing the functionalities and appearance. For this purpose, we propose three mutation-based attacks, differing in the knowledge of the target classifier, addressing a key technical challenge: automatically crafting an adversarial sample from a known phishing website in a way that can mislead classifiers. To launch attacks in the white- and gray-box scenarios, we also propose a sample-based collision attack to gain the knowledge of the target classifier. We demonstrate the efficacy of our evasion attacks on the state-of-the-art, Google's phishing page filter, achieved 100% attack success rate in less than one second per website. Moreover, the transferability attack on BitDefender's industrial phishing page classifier, TrafficLight, achieved up to 81.25% attack success rate. We further propose a similarity-based method to mitigate such evasion attacks, Pelican, which compares the similarity of an unknown website with recently detected phishing websites. We demonstrate that Pelican can effectively detect evasion attacks, hence could be integrated into ML-based classifiers. We also highlight two strategies of classification rule selection to enhance the robustness of classifiers. Our findings contribute to design more robust phishing website classifiers in practice. |
| 关键词 | adversarial attacks adversarial sample detection machine learning mutation phishing website |
| URL | 查看原文 |
| 收录类别 | SCIE ; EI |
| 语种 | 英语 |
| WOS研究方向 | Computer Science |
| WOS类目 | Computer Science, Artificial Intelligence |
| WOS记录号 | WOS:000661142100001 |
| 出版者 | WILEY |
| 原始文献类型 | Article; Early Access |
| 引用统计 | 正在获取...
|
| 文献类型 | 期刊论文 |
| 条目标识符 | https://kms.shanghaitech.edu.cn/handle/2MSLDSTB/127570 |
| 专题 | 信息科学与技术学院_PI研究组_宋富组 |
| 通讯作者 | Song, Fu |
| 作者单位 | 1.ShanghaiTech Univ, Sch Informat Sci & Technol, 393 Huaxia Middle Rd, Shanghai 201210, Pudong, Peoples R China; 2.Tianjin Univ, Sch Cybersecur, Coll Intelligence & Comp, Tianjin, Peoples R China; 3.Nankai Univ, Coll Cyber Sci, Tianjin, Peoples R China; 4.Nanyang Technol Univ, Sch Comp Sci & Engn, Singapore, Singapore |
| 第一作者单位 | 信息科学与技术学院 |
| 通讯作者单位 | 信息科学与技术学院 |
| 第一作者的第一单位 | 信息科学与技术学院 |
| 推荐引用方式 GB/T 7714 | Song, Fu,Lei, Yusi,Chen, Sen,et al. Advanced evasion attacks and mitigations on practical ML-based phishing website classifiers[J]. INTERNATIONAL JOURNAL OF INTELLIGENT SYSTEMS,2021,36(9):5210-5240. |
| APA | Song, Fu,Lei, Yusi,Chen, Sen,Fan, Lingling,&Liu, Yang.(2021).Advanced evasion attacks and mitigations on practical ML-based phishing website classifiers.INTERNATIONAL JOURNAL OF INTELLIGENT SYSTEMS,36(9),5210-5240. |
| MLA | Song, Fu,et al."Advanced evasion attacks and mitigations on practical ML-based phishing website classifiers".INTERNATIONAL JOURNAL OF INTELLIGENT SYSTEMS 36.9(2021):5210-5240. |
| 条目包含的文件 | 下载所有文件 | |||||
| 文件名称/大小 | 文献类型 | 版本类型 | 开放类型 | 使用许可 | ||
| 个性服务 |
| 查看访问统计 |
| 谷歌学术 |
| 谷歌学术中相似的文章 |
| [Song, Fu]的文章 |
| [Lei, Yusi]的文章 |
| [Chen, Sen]的文章 |
| 百度学术 |
| 百度学术中相似的文章 |
| [Song, Fu]的文章 |
| [Lei, Yusi]的文章 |
| [Chen, Sen]的文章 |
| 必应学术 |
| 必应学术中相似的文章 |
| [Song, Fu]的文章 |
| [Lei, Yusi]的文章 |
| [Chen, Sen]的文章 |
| 相关权益政策 |
| 暂无数据 |
| 收藏/分享 |
修改评论
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。