To mimic web pages of real websites, phishing websites are created by malicious people. Some of the Web pages look like the original websites. To analyze and to understand phishing website is a very complicate and complex issue and it is both technical and social problem .The aim of this report is to create a flexible and effective method that uses fuzzy logic. To check whether phishing activity is taking place or not, fuzzy logic is used on websites to qualify all phishing website characteristics. Fuzzy logic modeling is applied in this approach to assess the phishing website risk on the 27 characteristics and it is also applied on the factors which stamp the forged website. The FL model which is proposed depends on operators which is used to characterize the Website phishing factors and indicators as fuzzy variables and produces six measures and criteria of the phishing website attack size with a layer structure. The results show the significance and importance of (URL and Domain Identity) phishing site criteria, which is represented by one layer, and have an effect on the different layer of the phishing feature.
1.Retrieved on Dec 25 from www.wholesecurity.com.
2.Retrieved on Dec 26 from http://ieeexplore.ieee.org/xpl/freeabs_all.jsp. 3.Retrieved on Dec 26 from http://portal.acm.org/citation.cfm. 4.Retrieved on Dec 27 from http://antiphishing.org/reports/apwg_report_DEC2005_FINAL.pdf 5.Retrieved on Dec 28 from http://en.wikipedia.org/wiki/Anti-phishing_software. 6.Retrieved on Dec 29 from S. Shah, “Measuring Operational Risks using Fuzzy Logic Modeling, “Article, Towers Perrin, July 2003. 7.Retrieved on Dec 30 from T. Sharif, “Phishing Filter in IE7,” http://blogs.msdn.com/ie/archive/2005/09/09/463204.aspx, September 9, 2006. 8.Retrieved on Dec 30 from http://en.wikipedia.org/wiki/Defuzzification. 9.Retrieved on Dec 30 from http://www.computer.org/portal/web/csdl/doi.