 |
Let me summarize my presentation.
We focused on phishing websites using HTTPS and constructed and analyzed DNS graphs of domain names and IP addresses of phishing websites using CT logs.
We showed that the main differences between the DNS graphs of benign and phishing websites are the average number of nodes per component and the average node degree per component.
In terms of the clustering coefficient, few differences were observed between the benign and phishing websites corresponding to components with 10 or more nodes.
In future work, we plan to analyze the results of this study in more detail using other complex network metrics.
We also intend to analyze the growth and change of DNS graphs for benign and phishing websites using time series analysis, and to develop a detection method for phishing websites.
|
IEEE/ICACT20230129 Slide.17
[Big Slide]
[YouTube]