@article{8612b3bb3e8847d4b14bf1ae45b14800,
title = "Enhancing predictive analytics for anti-phishing by exploiting website genre information",
abstract = "Phishing websites continue to successfully exploit user vulnerabilities in household and enterprise settings. Existing anti-phishing tools lack the accuracy and generalizability needed to protect Internet users and organizations from the myriad of attacks encountered daily. Consequently, users often disregard these tools' warnings. In this study, using a design science approach, we propose a novel method for detecting phishing websites. By adopting a genre theoretic perspective, the proposed genre tree kernel method utilizes fraud cues that are associated with differences in purpose between legitimate and phishing websites, manifested through genre composition and design structure, resulting in enhanced anti-phishing capabilities. To evaluate the genre tree kernel method, a series of experiments were conducted on a testbed encompassing thousands of legitimate and phishing websites. The results revealed that the proposed method provided significantly better detection capabilities than state-of-the-art anti-phishing methods. An additional experiment demonstrated the effectiveness of the genre tree kernel technique in user settings; users utilizing the method were able to better identify and avoid phishing websites, and were consequently less likely to transact with them. Given the extensive monetary and social ramifications associated with phishing, the results have important implications for future anti-phishing strategies. More broadly, the results underscore the importance of considering intention/purpose as a critical dimension for automated credibility assessment: focusing not only on the {"}what{"} but rather on operationalizing the {"}why{"} into salient detection cues.",
keywords = "Credibility assessment, Data mining, Design science, Internet fraud, Phishing, Phishing websites, Website genres, genre theory",
author = "Ahmed Abbasi and Zahedi, {Fatemeh Mariam} and Daniel Zeng and Yan Chen and Hsinchun Chen and Nunamaker, {Jay F.}",
note = "Funding Information: Design Science Hall of Fame in May 2008 and received the LEO Award for Lifetime Achievement from the Association for Information Systems (AIS) in December 2002 and was elected a fellow of the AIS in 2000. He was featured in the July 1997 issue of Forbes Magazine on technology as one of eight key innovators in information technology. He is widely published, with an h-index above 60. His specialization is in the fields of system analysis and design, collaboration technology, and deception detection. The commercial product GroupSystems ThinkTank, based on his research, is often referred to as the gold standard for structured collaboration systems. He was a research assistant funded by the ISDOS project at the University of Michigan and an associate professor of computer science at Purdue University. He founded the MIS Department at the University of Arizona in 1974 and served as department head for 18 years. Funding Information: Acknowledgements: This work was funded by the following grants from the U.S. National Science Foundation: CNS-1049497 and ACI-1443019. Research reported in this study is also partially supported by NSFC #71025001, #91024030, #71272236; and BJNSF #4132072. We would also like to thank our collaborators at McAfee Security for their guidance in developing the controlled experiment for the anti-phishing-tool user study. Funding Information: HSINCHUN CHEN is University of Arizona Regents Professor and Thomas R. Brown Chair in Management and Technology in the Management Information Systems (MIS) Department at the Eller College of Management. He joined the NSF as program director of the Smart and Connected Health Program in September 2014. He received a B.S. degree from National Chiao-Tung University in Taiwan, an MBA degree from SUNY Buffalo, and a Ph.D. degree in information systems from New York University. He is director of the Artificial Intelligence Lab where he developed the COPLINK system, which has been cited as a national model for public safety information sharing and analysis, and has been adopted in more than 3,500 law enforcement and intelligence agencies. He is a fellow of IEEE and AAAS and has received the IEEE Computer Society 2006 Technical Achievement Award, the 2008 INFORMS Design Science Award, and several other distinctions. He is author/editor of 20 books, 25 book chapters, 280 SCI journal articles, and 150 refereed conference articles covering digital library, data/text/web mining, business analytics, security informatics, and health informatics. His overall h-index is 70, with 17,000 citations. He is editor in chief (EIC) emeritus of the ACM Transactions on Management Information Systems (ACM TMIS) and EIC of Security Informatics. He has received over 90 grants totaling more than $40 million in research funding from NSF, NIH, NLM, DOD, DOJ, CIA, DHS, and other agencies. Funding Information: DANIEL ZENG received M.S. and Ph.D. degrees in industrial administration from Carnegie Mellon University and a B.S. degree in economics and operations research from the University of Science and Technology of China, Hefei, China. He is a research fellow at the Institute of Automation, Chinese Academy of Sciences, and Gentile Family Professor in the Department of Management Information Systems at the University of Arizona. His research interests include intelligence and security informatics, infectious disease informatics, social computing, recommender systems, software agents, spatial-temporal data analysis, business analytics, and online advertising. He has published one monograph and more than 300 peer-reviewed articles. He serves as the editor in chief of IEEE Intelligent Systems. His research has been funded mainly by the U.S. National Science Foundation, the U.S. National Institutes of Health, the U.S. Department of Homeland Security, the National Natural Science Foundation of China, and the Ministry of Health of China. As principal investigator (PI) or co-PI, he has received more than $20 million in government research support. He is president elect of the IEEE Intelligent Transportation Systems Society and the past chair of INFORMS College on Artificial Intelligence. Funding Information: AHMED ABBASI is an associate professor of information technology (IT) and director of the Center for Business Analytics in the McIntire School of Commerce at the University of Virginia. He attained his B.S. and MBA degrees from Virginia Tech, and a Ph.D. from the University of Arizona. His research interests relate to predictive analytics, with applications in online fraud and security, text mining, health, and social media. He has published more than 50 peer-reviewed articles in top journals and conference proceedings, including MIS Quarterly, Journal of Management Information Systems, ACM Transactions on Information Systems, IEEE Transactions on Knowledge and Data Engineering, and IEEE Intelligent Systems. His projects on Internet fraud, cyber security, and social media analytics have been funded by the National Science Foundation. He received the IBM Faculty Award and AWS Research Grant for his work on big data. He has also received best paper awards from MIS Quarterly, the Association for Information Systems, and the Workshop on Information Technologies and Systems. He serves as an associate editor for Information Systems Research, Decision Sciences Journal, ACM Transactions on MIS, and IEEE Intelligent Systems. He also serves on program committees for various conferences related to computational linguistics, text analytics, and data mining. His work has been featured in several media outlets, including the Wall Street Journal, the Associated Press, and Fox News. Publisher Copyright: Copyright {\textcopyright} Taylor & Francis Group, LLC.",
year = "2015",
month = jan,
day = "1",
doi = "10.1080/07421222.2014.1001260",
language = "English (US)",
volume = "31",
pages = "109--157",
journal = "Journal of Management Information Systems",
issn = "0742-1222",
publisher = "M.E. Sharpe Inc.",
number = "4",
}