Abstract
With the tremendous increase in our dependence on online services for daily needs, cyber threats and related crime have also increased at an alarming rate. Phishing is one of the most common cyber threats used these days to steal secure information like personal details and financial credentials that are often misused for impersonation and committing cyber fraud. Although numerous solutions exist for detection and prevention from phishing scenarios, no solution can combat phishing attacks in real-time efficiently. This paper is focussed on studying the real-time security aspects of providing safe online services to every user. The primary aim of this paper is to propose an anti-phishing framework that could be implemented by Internet Security Providers (ISPs) to handle phishing attacks at their own level and providing secure connections to end users irrespective of the client machine configurations. The proposed framework utilizes the advantages of deep learning classification implemented as the backend for identifying phishing websites at the end of ISPs. This approach is capable of handling phishing attacks efficiently as compared to other client-specific approaches as the ISPs proactively can validate and flag the new domains added for HTTP/HTTPS as well as SMTP and prevent millions of users from getting affected.
Subject Classification: