IEEE Access (Jan 2023)

PhiKitA: Phishing Kit Attacks Dataset for Phishing Websites Identification

  • Felipe Castano,
  • Eduardo Fidalgo Fernandez,
  • Rocio Alaiz-Rodriguez,
  • Enrique Alegre

DOI
https://doi.org/10.1109/ACCESS.2023.3268027
Journal volume & issue
Vol. 11
pp. 40779 – 40789

Abstract

Read online

Recent studies have shown that phishers are using phishing kits to deploy phishing attacks faster, easier and more massive. Detecting phishing kits in deployed websites might help to detect phishing campaigns earlier. To the best of our knowledge, there are no datasets providing a set of phishing kits that are used in websites that were attacked by phishing. In this work, we propose PhiKitA, a novel dataset that contains phishing kits and also phishing websites generated using these kits. We have applied MD5 hashes, fingerprints, and graph representation DOM algorithms to obtain baseline results in PhiKitA in three experiments: familiarity analysis of phishing kit samples, phishing website detection and identifying the source of a phishing website. In the familiarity analysis, we find evidence of different types of phishing kits and a small phishing campaign. In the binary classification problem for phishing detection, the graph representation algorithm achieved an accuracy of 92.50%, showing that the phishing kit data contain useful information to classify phishing. Finally, the MD5 hash representation obtained a 39.54% F1 score, which means that this algorithm does not extract enough information to distinguish phishing websites and their phishing kit sources properly.

Keywords