Given that the first two classified into three categories: embedded aspects are fixed; the behavior of the ANN is approaches, wrapper approaches, and filter defined by the current values of the weights.
The approaches. The filter model relies on the general weights of the net, to be trained, are initially set to characteristics of data and evaluates features random values, and then instances of the training without involving any learning algorithm. The set are repeatedly exposed to the net. The values for wrapper model requires having a predetermined the input of an instance are placed on the input learning algorithm and uses its performance as units and the output of the net is compared with the evaluation criterion to select features.
The desired output for this instance. Then, all the embedded model incorporates variable selection as weights in the net are adjusted slightly in a part of the training process, and feature relevance Activation Functions the direction that would bring is obtained analytically from the objective of the the output values of the net closer to the values for learning model [13].
In This paper, information the desired output [16]. Particle swarm optimization PSO is a 3. In feature selection algorithm of the filter model PSO, the problem is represented as a particle, which is a measure of dependence between the which is represented by a vector or an array. It is one of the most Particles move in the search space to search for the powerful, easy to compute and simple to interpret optimal solutions.
During the movement, each feature selection technique. Information Gain IG particle can remember its best experience. The of a feature X and the class labels Y is calculated as whole swarm searches for the optimal solution by in equation 1. In PSO, each candidate solution of the In this paper, an approach for website problem is encoded as a particle moving in the spoofing detection is introduced.
Neural Network search space. The whole swarm searches for the using PSO, as a training algorithm, Feed forward optimal solution by updating the position of each Neural Network has been used for detecting particle based on the experience of its own and its spoofing websites. To detect spoofing websites neighboring particles. The swarm is initialized with a PSO.
The features weight. Here D is for The proposed system model as shown in dimension and R is for real numbers. Velocity is updated by the 4. In this find the global optima. Position is updated by work a list of 36 features are extracted; they are equation 3.
All of these features are extracted using Visual C programming language. These features are briefly described in table 1. The dataset consists of various websites such as banking sites, online shopping sites, reservation sites, etc.
DMOZ is the largest, most comprehensive human-edited directory of the Web. It contains a categorized list of Web URLs. Their listings are updated on monthly basis and published in RDF files. DMOZ provides the means for the Internet to organize itself.
Spoofing dataset was Website Dataset downloaded as. Feature Description Description 4. The rules are presented in [20], [21], [22], [23]. In this work, information Gain algorithm was used as feature selection method. For each feature, the algorithm produced a value between 0 and 1. In this proposed system, information gain value was calculated for the 36 features based on legitimate and spoofing websites and just 21 features with the high information gain values were selected for the classification purpose, since the system achieved high performance using this set of features.
In the case of a neural Figure 2: Extraction of a legitimate website Features network, a particle's position represents the values for the network's weights and biases. In each iteration, every particle moves to a new position. A particle's movement is based on the particle's current speed and direction velocity , the best position discovered by the particle at any time and the best position found by any of the other particles in the swarm.
Algorithm 1. The PSO algorithm is vastly various than any of the traditional methods of training. PSO does not just train one network, but rather training networks. PSO builds a set number of ANN and initializes all network weights to random values and starts training each one. The network with the highest fitness was considered the global best. Each neuron contains a position and velocity. The position corresponds to the weight of a neuron.
The velocity is used to update the weight. If a neuron is further away, then it will adjust its Figure 3: Extraction of a Spoofing Website Features weight more than a neuron that is closer to the global best.
The experiment results ,No. JavaScript can be used to route Web pages and information through the attacker's computer, which impersonates the destination Web server. The attacker can initiate the spoof by sending e-mail to the victim that contains a link to the forged page or putting a link into a popular search engine. SSL does not necessarily prevent this sort of "man-in-the-middle" MITM attack; the connection appears to the victim user to be secure because it is secure.
The problem is that the secure connection is to a different site than the one to which the victim thinks they are connecting. Although many modern browsers will indicate a problem with the SSL certificate not matching, hyperlink spoofing exploits the fact that SSL does not verify hyperlinks that the user follows, so if a user gets to a site by following a link, they can be sent to a spoofed site that appears to be a legitimate site. Web spoofing is a high-tech form of con artistry, and is also often referred to as phishing.
The point of the scam is to fool users into giving confidential information such as credit card numbers, bank account numbers, or Social Security numbers to an entity that the user thinks is legitimate, and then using that information for criminal purposes such as identity theft or credit card fraud.
The only difference between this and the "real-world" con artist who knocks on a victim's door and pretends to be from the bank, requiring account information, is in the technology used to pull it off. There are clues that will tip off an observant victim that a Web site is not what it appears to be, such as the URL or status line of the browser.
However, an attacker can use JavaScript to cover their tracks by modifying these elements. An attacker can even go so far as to use JavaScript to replace the browser's menu bar with one that looks the same but replaces functions that provide clues to the invalidity of the page, such as the display of the page's source code. Newer versions of Web browsers have been modified to make Web spoofing more difficult. For example, prior to version 4 of Netscape and IE, both were highly vulnerable to this type of attack.
A common method of spoofing URLs involved exploiting the ways in which browsers read addresses entered into the address field. People often deduce what is in a file by its name. Is manual. It might be another kind of document, or it might not be a document at all. URLs are another example. COM the address of a large software company? For a while that address pointed to someone else entirely. Was dole It was not; it pointed to a parody site. Web Spoofing 3 People often get context from the timing of events.
If two things happen at the same time, you naturally think they are related. If you click on a link and a document immediately starts downloading, you assume that the document came from the site whose link you clicked on.
Either assumption could be wrong. If you only see one browser window when an event occurs, you might not realize that the event was caused by another window hiding behind the visible one.
Modern user-interface designers spend their time trying to devise contextual cues that will guide people to behave appropriately, even if they do not explicitly notice the cues. While this is usually beneficial, it can become dangerous when people are accustomed to relying on context that is not always correct. Examples of such attacks include TCP spoofing4, in which Internet packets are sent with forged return addresses, and DNS spoofing5, in which the attacker forges information about which machine names correspond to which network addresses.
These other spoofing attacks are well known, so we will not discuss them further. Web Spoofing Web spoofing is a kind of electronic con game in which the attacker creates a convincing but false copy of the entire World Wide Web.
The false Web looks just like the real one: it has all the same pages and links. Consequences Since the attacker can observe or modify any data going from the victim to Web servers, as well as controlling all return traffic from Web servers to the victim, the attacker has many possibilities.
These include surveillance and tampering. Surveillance The attacker can passively watch the traffic, recording which pages the victim visits and the contents of those pages. When the victim fills out a form, the entered data is transmitted to a Web server, so the attacker can record that too, along with the response sent back by the server. Since most on-line commerce is done via forms, this means the attacker can observe any account numbers or passwords the victim enters.
Web Spoofing 4 Tampering The attacker is also free to modify any of the data traveling in either direction between the victim and the Web. The attacker can modify form data submitted by the victim. For example, if the victim is ordering a product on-line, the attacker can change the product number, the quantity, or the ship-to address. The attacker can also modify the data returned by a Web server, for example by inserting misleading or offensive material in order to trick the victim or to cause antagonism between the victim and the server.
Spoofing the Whole Web You may think it is difficult for the attacker to spoof the entire World Wide Web, but it is not. The attacker need not store the entire contents of the Web. The URL rewriting technique has been used for other reasons by several other Web sites, including the Anonymizer and the Zippy filter.
See page 9 for details. Figure 1 shows what happens when the victim requests a page through one of the rewritten URLs. The victim requests a Web page. Since all of the URLs in the rewritten page now point to www. Forms If the victim fills out a form on a page in a false Web, the result appears to be handled properly. Spoofing of forms works naturally because forms are integrated closely into the basic Web protocols: form submissions are encoded in Web requests and the replies are ordinary HTML.
Since any URL can be spoofed, forms can also be spoofed. Web Spoofing 6 editing desired, before passing it on to the real server. Unfortunately the secure connection is to www. The secure-connection indicator only gives the victim a false sense of security. There are several ways to do this. An attacker could put a link to a false Web onto a popular Web page. If the victim is using Web-enabled email, the attacker could email the victim a pointer to a false Web, or even the contents of a page in a false Web.
0コメント