VIKAS COLLEGE OF ENGINEERING AND

TECHNOLOGY
ANTI-PHISHING TECHNIQUE TO DETECT URL
OBFUSCATION
Internal Guide : G . Divya M . Tech

Team Members
T . Devi – 18NQ1A05A5
N . Sri Sudeshna Devi – 18NQ1A0570
Keerthana . CH – 18NQ1A05A9
K . Ravi Kumar – 18NQ1A0550
 CONTENTS
• ABSTRACT
• EXISTING SYSTEM
• DISADVANTAGES
• PROPOSED SYSTEM
• ADVANTAGES
• HARDWARE REQUIREMENTS
• SOFTWARE REQUIREMENTS
• MODULES
• UML DIAGRAMS
• ALGORITHM
• DATABASES SCHEMES
• OUTPUT SCREENS
• CONCLUSION
 ABSTRACT

• Determine and evaluate the best set of features to be used for phishing Emails
detection using Manual feature selection based on the Email structure and
automated selection techniques.
• To determine the best classification algorithm for phishing detection.
• Design a system with integrate multiple classification algorithms for phishing
Emails detection and to evaluate such integration.
 EXISTING SYSTEM

• There are many existing techniques used to detect the phishing website but it has
some false positive values. Hence there is a possibility to identify the legitimate
website as phishing website.
• The methods used to identify the phishing websites are,
i. Black list
ii. White list
iii. Heuristic based
iv. Classification
 DISADVANTAGES

• The existing anti-Phishing technique, password Hash technique is ineffective against

some attack.
• Phishers stole the database entries and then tries hashes and after an exhaustive search
they get the pass.
• During implementation,SHA-1 is more secure but slow in execution as SHA-1 includes
more rounds comparatively.
 PROPOSED SYSTEM

• The proposal work starts by investigate the phishing email detection

accuracy with a complete feature set.
• Subsequently, reduce the time and space required for extracting and using
these features. Then, the performance of different classification algorithms
on the extracted feature set is investigated.
• Finally, a multiple approach for combining multiple classifiers is proposed.
 ADVANTAGES

 The attacker provides the input form in E-mail and the content of E-mail convince the user
to submit the data.

 The attacker may also provide iframe in E-mail so the user can be diverted to counterfeit
URLs.

 To provide the security against the newly invented methods the ObURL Detection
Algorithm is only works. Our experiments on iframe and input form in the various
categories may produce the positive results.
 HARDWARE REQUIREMENTS

• Processor : Any Processor Speed 1.1 GHz (min)

• RAM : 1 GB (min)
• Hard Disk Capacity : 40 GB(min)
• Keyboard : Standard Keyboard
• Mouse : Two or Three Button Mouse
 SOFTWARE REQUIREMENTS

• Operating System : Windows XP/7/8/LINUX

• Technology : PHP
• Front End : HTML, CSS, JavaScript and Bootstrap
• Database : MYSQL
• Web Server : Apache server,MYSQL
• Tool : XAMPP
 MODULES

• This Project explains the implementation of the link Guard algorithm using a
mail-box
• There are three modules involved in this project:
• Creation of a mail system and database operations
• Composes, send and receive a mail
• Implementation of the Link Guard algorithm
USECASE DIAGRAM
CLASS DIAGRAM
SEQUENCE DIAGRAM
COLLABORATION DIAGRAM
ACTIVITY DIAGRAM
 ALGORITHM
• Input: Content of Email Output: Prevent the user if URLs seems Counterfeit
• Alert User: Possible Phishing
• Safe User: No Phishing
• DB: Database
• If Input form found in E-mail Content then
• Alert User;
• End
• For each iframe in E-mail content do
• //get the content of iframe
• For each iframe in E-mail content’s iframe
• source do
• If input form found then
• Alert User;
• End
• For each hyperlink in E-mail content’s iframe source do // perform the test 1 to 6
• End For each hyperlink found in E-mail content and iframe source URL do
• Test 1: //DNS Test If hypertext! = Anchor text then Alert User;
• Test 2: // IP Address Test If IP address found in hyperlink then If IP address found in Whitelist
DB then Safe User; Else Alert User; // IP Address found in blacklist DB
• Test 3: // Encoded Test If hyperlink found encoded then Decode hyperlink; Inform User;
• Test 4: // Shorten URL Test If URL is shortens then Alert User;
• Test 5://hyperlink whitelist and blacklist test If URL found in whitelist DB then Safe User; Else
Alert User; // URL Found in Blacklist DB
• Test 6: // Pattern Matching Test If hypertext and anchor text pattern is matching then Alert User;
 DATABASE SCHEMES
GMAIL :
REGISTRATION
ADMIN
OUTPUT SCREENS
REGISTRATION FORM
LOGIN FORM
USER HOME PAGE
UPDATE PROFILE
ADMIN LOGIN
 CONCLUSION

• In this research, we have implemented and described ObURL Detection Algorithm against the URL
obfuscation phishing attack. Our algorithm expects to detect and prevent the maximum obfuscated
URLs. Our experiment on number of URLs proves that the ObURL Detection Algorithm is the one who
provides the maximum security and also provides the multilayer protection to prevent the URL
obfuscation phishing attack. The ObURL Detection Algorithm can works for both know as well as
unknown phishing attacks. Our algorithm provides the multilayer security with the minimal false
positive results. The ObURL Detection Algorithm increases the level of legitimacy and security to
protect the users confidential data over the internet.