Open Access Open Access  Restricted Access Subscription or Fee Access

A Practical Rule Based Technique by Splitting SMS Phishing from SMS Spam for Better Accuracy in Mobile Device


(*) Corresponding author


Authors' affiliations


DOI: https://doi.org/10.15866/irecos.v9i10.3909

Abstract


Short Message Service (SMS) is one of the popular communication services. However, this can contribute to increasing mobile device attacks. Presently, SMS phishing (SMiShing) attack is alarming to the mobile phone users because these attacks usually succeed in stealing information and money. Moreover, SMS phishing and spam are two different types of attack and level of risk. Thus, it is important to have a SMS phishing corpus. The established SMS corpus is limited to spam and none can be found suitable for SMS Phishing. This study proposes a technique to split the class of SMS phishing from SMS spam and produce better accuracy using the Bayesian technique. The result shows that the enhanced SMS corpus gets 99.8064% accurate classification. The study identified classes and generated an improvement of SMS Phishing corpus which has been labelled in three different classes ie., Ham, Spam and Phishing with better accuracy.
Copyright © 2014 Praise Worthy Prize - All rights reserved.

Keywords


Classification; Detection; Phishing; Security; SMS; Spam

Full Text:

PDF


References


Microsoft. (2011, 8th June). Email and web scams: How to help protect yourself. Available: http://www.microsoft.com/security/online-privacy/phishing-scams.aspx

M. Boodae, "Mobile Users Three Times More Vulnerable to Phishing Attacks," in Trusteer vol. 2012, ed, 2011.

P. Soni, et al., "A phishing analysis of web based systems," presented at the Proceedings of the 2011 International Conference on Communication, Computing & Security, Rourkela, Odisha, India, 2011.
http://dx.doi.org/10.1145/1947940.1948049

C. F. M. Foozy, et al., "Phishing Detection Taxonomy for Mobile Device," International Journal of Computer Science Issues (IJCSI), vol. 10, 2013.

A. Kang, et al., "Security Considerations for Smart Phone Smishing Attacks," in Advanced in Computer Science and its Applications, ed: Springer, 2014, pp. 467-473.
http://dx.doi.org/10.1007/978-3-642-41674-3_66

D. Kim and J. Ryou, "SecureSMS: prevention of SMS interception on Android platform," presented at the Proceedings of the 8th International Conference on Ubiquitous Information Management and Communication, Siem Reap, Cambodia, 2014.
http://dx.doi.org/10.1145/2557977.2557979

K. Beck and J. Zhan, "Phishing Using a Modified Bayesian Technique," in Social Computing (SocialCom), 2010 IEEE Second International Conference on, 2010, pp. 649-655.
http://dx.doi.org/10.1109/socialcom.2010.100

J. Nazario, "Phishing Corpus," vol. 2013, ed, 2005.

T. A. Almeida and J. M. G. Hidalgo. (2012, 23 September 2012). SMS Spam Collection Data Set. Available: http://archive.ics.uci.edu/ml/datasets/SMS+Spam+Collection

J. Nazario, "Phishing Corpus," 2004-2007.

E. F. Mark Hall, Geoffrey Holmes, Bernhard Pfahringer, Peter Reutemann, Ian H. Witten, "The WEKA Data Mining Software: An Update," SIGKDD Explorations, vol. 11, 2009.
http://dx.doi.org/10.1145/1656274.1656278

GetSafeOnline. (2012, 1 January 2013). Spam & Scam email. Available: http://www.getsafeonline.org/protecting-your-computer/spam-and-scam-email/

S. Abu-Nimeh, et al., "Distributed Phishing Detection by Applying Variable Selection Using Bayesian Additive Regression Trees," in Communications, 2009. ICC '09. IEEE International Conference on, 2009, pp. 1-5.
http://dx.doi.org/10.1109/icc.2009.5198931

J. Shah, "Online crime migrates to mobile phones," Sage, vol. 1, pp. 22-23, 2007.

K. Dunham, "Chapter 6 - Phishing, SMishing, and Vishing," in Mobile Malware Attacks and Defense, D. Ken, Ed., ed Boston: Syngress, 2009, pp. 125-196.
http://dx.doi.org/10.1016/b978-1-59749-298-0.00006-9

O. Salem, et al., "Awareness Program and AI based Tool to Reduce Risk of Phishing Attacks," in Computer and Information Technology (CIT), 2010 IEEE 10th International Conference on, 2010, pp. 1418-1423.
http://dx.doi.org/10.1109/cit.2010.254

N. Leavitt, "Mobile Security: Finally a Serious Problem?," Computer, vol. 44, pp. 11-14, 2011.
http://dx.doi.org/10.1109/mc.2011.184

I. Joe and H. Shim, "An SMS Spam Filtering System Using Support Vector Machine," in Future Generation Information Technology. vol. 6485, T.-h. Kim, et al., Eds., ed: Springer Berlin Heidelberg, 2010, pp. 577-584.
http://dx.doi.org/10.1007/978-3-642-17569-5_56

F-Secure, "Mobile Threat Report Q3 2012," F-Secure Labs2012.

J. W. Yoon, et al., "Hybrid spam filtering for mobile communication," Computers & Security, vol. 29, pp. 446-459, 2010.
http://dx.doi.org/10.1016/j.cose.2009.11.003

H. Peizhou, et al., "A Novel Method for Filtering Group Sending Short Message Spam," in Convergence and Hybrid Information Technology, 2008. ICHIT '08. International Conference on, 2008, pp. 60-65.
http://dx.doi.org/10.1109/ichit.2008.205

J. M. G. Hidalgo, et al., "Content based SMS spam filtering," presented at the Proceedings of the 2006 ACM symposium on Document engineering, Amsterdam, The Netherlands, 2006.
http://dx.doi.org/10.1145/1166160.1166191

T. M. Mahmoud and A. M. Mahfouz, "SMS Spam Filtering Technique Based on Artificial Immune System," IJCSI International Journal of Computer Science Issues, vol. 9, 2012.

Q. Xu, et al., "SMS Spam Detection using Content-less Features," Intelligent Systems, IEEE, vol. PP, pp. 1-1, 2012.
http://dx.doi.org/10.1109/mis.2012.3

G. V. Cormack, et al., "Feature engineering for mobile (SMS) spam filtering," presented at the Proceedings of the 30th annual international ACM SIGIR conference on Research and development in information retrieval, Amsterdam, The Netherlands, 2007.
http://dx.doi.org/10.1145/1277741.1277951

H. Najadat, et al., "Mobile SMS Spam Filtering based on Mixing Classifiers."

Y. Xiang, et al., "Filtering mobile spam by support vector machine " presented at the Conference on Computer Sciences, Software Engineering, Information Technology, E-Business and Applications (3rd: 2004 : Cairo, Egypt), Cairo, Egypt, 2004.

C. Jie, et al., "Spam Filter for Short Messages Using Winnow," in Advanced Language Processing and Web Information Technology, 2008. ALPIT '08. International Conference on, 2008, pp. 454-459.
http://dx.doi.org/10.1109/alpit.2008.14

W. Ningning, et al., "Real-time monitoring and filtering system for mobile SMS," in Industrial Electronics and Applications, 2008. ICIEA 2008. 3rd IEEE Conference on, 2008, pp. 1319-1324.
http://dx.doi.org/10.1109/iciea.2008.4582731

J. Huang, et al., "A Bayesian Approach for Text Filter on 3G Network," in Wireless Communications Networking and Mobile Computing (WiCOM), 2010 6th International Conference on, 2010, pp. 1-5.

A. K. Uysal, et al., "A novel framework for SMS spam filtering," in Innovations in Intelligent Systems and Applications (INISTA), 2012 International Symposium on, 2012, pp. 1-4.
http://dx.doi.org/10.1109/inista.2012.6246947

M. Taufiq Nuruzzaman, et al., "Simple SMS spam filtering on independent mobile phone," Security and Communication Networks, vol. 5, pp. 1209-1220, 2012.
http://dx.doi.org/10.1002/sec.577

K. Yadav, et al., "SMSAssassin: crowdsourcing driven mobile-based system for SMS spam filtering," presented at the Proceedings of the 12th Workshop on Mobile Computing Systems and Applications, Phoenix, Arizona, 2011.
http://dx.doi.org/10.1145/2184489.2184491

K. Yadav, et al., "Take Control of Your SMSes: Designing an Usable Spam SMS Filtering System," in Mobile Data Management (MDM), 2012 IEEE 13th International Conference on, 2012, pp. 352-355.
http://dx.doi.org/10.1109/mdm.2012.54

T. Charninda, et al., "Content based hybrid sms spam filtering system," 2014.

R. K. Verma, et al., "Extraction and Verification of Mobile Message Integrity," in Communication Systems and Network Technologies (CSNT), 2011 International Conference on, 2011, pp. 49-53.
http://dx.doi.org/10.1109/csnt.2011.17

N. Saxena and N. S. Chaudhari, "SecureSMS: A secure SMS protocol for VAS and other applications," Journal of Systems and Software, vol. 90, pp. 138-150, 2014.
http://dx.doi.org/10.1016/j.jss.2013.12.031

G. C. C. F. Pereira, et al., "SMSCrypto: A lightweight cryptographic framework for secure SMS transmission," Journal of Systems and Software, vol. 86, pp. 698-706, 2013.
http://dx.doi.org/10.1016/j.jss.2012.11.004

J. Choi and H. Kim, "A Novel Approach for SMS security," International Journal of Security & Its Applications, vol. 6, 2012.

E. Vall and P. Rosso, "Detection of near-duplicate user generated contents: the SMS spam collection," presented at the Proceedings of the 3rd international workshop on Search and mining user-generated contents, Glasgow, Scotland, UK, 2011.
http://dx.doi.org/10.1145/2065023.2065031

M. Z. Rafique, et al., "Application of evolutionary algorithms in detecting SMS spam at access layer," presented at the Proceedings of the 13th annual conference on Genetic and evolutionary computation, Dublin, Ireland, 2011.
http://dx.doi.org/10.1145/2001576.2001816

M. Z. R. que and M. Farooq, "SMS Spam Detection By Operating On Byte-Level Distributions Using Hidden Markov Models (HMMS)," presented at the Virus Bulletin Conference September 2010, 2010.

G. Yan, et al., "SMS-Watchdog: Profiling Social Behaviors of SMS Users for Anomaly Detection Recent Advances in Intrusion Detection." vol. 5758, E. Kirda, et al., Eds., ed: Springer Berlin / Heidelberg, 2009, pp. 202-223.
http://dx.doi.org/10.1007/978-3-642-04342-0_11

S. Lee. (2012, Smishing: SMS + Phishing, Present And On The Rise On Android. Available: http://www.alertboot.com/blog/blogs/endpoint_security/archive/2012/11/14/smishing-sms-phishing-present-and-on-the-rise-on-android.aspx

Karthika Renuka, D., Visalakshi, P., Blending firefly and bayes classifier for email spam classification, (2013) International Review on Computers and Software (IRECOS), 8 (9), pp. 2168-2177.

F. Toolan and J. Carthy, "Feature selection for Spam and Phishing detection," in eCrime Researchers Summit (eCrime), 2010, 2010, pp. 1-12.
http://dx.doi.org/10.1109/ecrime.2010.5706696

N. Mistry, et al., "Preventive Actions to Emerging Threats in Smart Devices Security," 2011.
http://dx.doi.org/10.5769/j201301003

Chandran, S.S., Murugappan, S., Spam detection and elimination of messages from twitter, (2013) International Review on Computers and Software (IRECOS), 8 (10), pp. 2438-2443.

L. Kriel, et al., "Towards a computer security induction manual for non-IT citizens."

A. Mahajan, et al., "Identification of Fake SMS generated using Android Applications in Android Devices."

R.B. Basnet , et al., "Rule-Based Phishing Attack Detection," International Conference on Security and Management SAM11 (2011), 2011.

V. Shreeram, et al., "Anti-phishing detection of phishing attacks using genetic algorithm," in Communication Control and Computing Technologies (ICCCCT), 2010 IEEE International Conference on, 2010, pp. 447-450.
http://dx.doi.org/10.1109/icccct.2010.5670593

M. Liping, et al., "Automatically Generating Classifier for Phishing Email Prediction," in Pervasive Systems, Algorithms, and Networks (ISPAN), 2009 10th International Symposium on, 2009, pp. 779-783.
http://dx.doi.org/10.1109/i-span.2009.153

H. Pamunuwa, et al., "An Intrusion Detection System for Detecting Phishing Attacks," in Secure Data Management. vol. 4721, W. Jonker and M. Petkovic, Eds., ed: Springer Berlin / Heidelberg, 2007, pp. 181-192.
http://dx.doi.org/10.1007/978-3-540-75248-6_13

A. Alnajim and M. Munro, "An Approach to the Implementation of the Anti-Phishing Tool for Phishing Websites Detection," in Intelligent Networking and Collaborative Systems, 2009. INCOS '09. International Conference on, 2009, pp. 105-112.
http://dx.doi.org/10.1109/incos.2009.37

C. V. Zhou, et al., "A Self-Healing, Self-Protecting Collaborative Intrusion Detection Architecture to Trace-Back Fast-Flux Phishing Domains," in Network Operations and Management Symposium Workshops, 2008. NOMS Workshops 2008. IEEE, 2008, pp. 321-327.
http://dx.doi.org/10.1109/nomsw.2007.50

M. Aburrous, et al., "Intelligent Phishing Website Detection System using Fuzzy Techniques," in Information and Communication Technologies: From Theory to Applications, 2008. ICTTA 2008. 3rd International Conference on, 2008, pp. 1-6.
http://dx.doi.org/10.1109/ictta.2008.4530019

H. Huajun, et al., "Countermeasure Techniques for Deceptive Phishing Attack," in New Trends in Information and Service Science, 2009. NISS '09. International Conference on, 2009, pp. 636-641.
http://dx.doi.org/10.1109/niss.2009.80

Y. Niu, et al., "iPhish: Phishing Vulnerabilities on Consumer Electronics," in UPSEC, 2008.

H. Weili, et al., "Anti-Phishing by Smart Mobile Device," in Network and Parallel Computing Workshops, 2007. NPC Workshops. IFIP International Conference on, 2007, pp. 295-302.
http://dx.doi.org/10.1109/npc.2007.68

G. V. Cormack, et al., "Spam filtering for short messages," presented at the Proceedings of the sixteenth ACM conference on Conference on information and knowledge management, Lisbon, Portugal, 2007.
http://dx.doi.org/10.1145/1321440.1321486

G. V. Cormack, et al., "Feature engineering for mobile (SMS) spam filtering," presented at the Proceedings of the 30th annual international ACM SIGIR conference on Research and development in information retrieval, Amsterdam, The Netherlands, 2007.
http://dx.doi.org/10.1145/1277741.1277951


Refbacks

  • There are currently no refbacks.



Please send any question about this web site to info@praiseworthyprize.com
Copyright © 2005-2024 Praise Worthy Prize