Social networks are one of the emerging popular platforms for users to interact with each other. User privacy protection on social network is more significant because of availability of huge volume of sensitive data in social network platforms. A conventional information stealing technique is phishing attacks still works in their way to cause a lot of privacy violation incidents. Phishing is a technique where attackers attempt to steal personal information of website users by creating websites that mimic as legitimate website. Phishers steals confidential or sensitive information like credit card pin number, password etc for their personal use or for organizational purpose. Phishing websites often direct users to enter personal information at a fake website which look and feel almost identical to the legitimate one. So it is essential to detect phishing websites in social network platforms. There are various techniques and approaches have been proposed for detection of phishing websites. This survey focus to provide an overview of the literature in phishing detection with various techniques implemented in them, their merits and demerits etc. Comparison based on parameters was also done to prove the efficiency of the various proposed techniques of phishing detection. The comparison results show the best phishing detection method among them.

Social networks, phishing, phishers, privacy protection, phishing websites

M. Khonji, Y. Iraqi, and A. Jones, “Phishing detection: a literature survey”, IEEE Communications Surveys & Tutorials, vol. 15, no. 4, pp. 2091-2121, 2013, doi: 10.1109/SURV.2013.032213.00009.

R. Basnet, S. Mukkamala, and A. H. Sung, “Detection of Phishing Attacks: A Machine Learning Approach”, Soft Computing Applications in Industry, vol. 226, pp. 373-383, 2008, doi: 10.1007/978-3-540-77465-5_19.

S. Palka, and D. McCoy, “Dynamic phishing content using generative grammars”, Software Testing, Verification and Validation Workshops (ICSTW), 2015 IEEE Eighth International Conference on IEEE, pp. 1-8, 2015, doi:10.1109/ICSTW.2015.7107458.

S. B. Rathod, and T. M. Pattewar, “Content based spam detection in email using Bayesian classifier”, Communications and Signal Processing (ICCSP), 2015 International Conference on IEEE, pp. 1257-1261, 2015, doi:10.1109/ICCSP.2015.7322709.

W. Zhuang, Q. Jiang, and T. Xiong, “An intelligent anti-phishing strategy model for phishing website detection”, Distributed Computing Systems Workshops (ICDCSW), 2012 32nd International Conference on IEEE, pp. 51-56, 2012, doi: 10.1109/ICDCSW.2012.66.

Y. Joshi, D. Das, and S. Saha, “Mitigating man in the middle attack over secure sockets layer”, Internet Multimedia Services Architecture and Applications (IMSAA), 2009 IEEE International Conference on IEEE, pp. 1-5, 2009, doi: 10.1109/IMSAA.2009.5439461.

H. Y. Abutair, and A. Belghith, “Using Case-Based Reasoning for Phishing Detection”, Procedia Computer Science, vol. 109, pp. 281-288, 2017, doi: 10.1016/j.procs.2017.05.352.

G. Sonowal, and K. S. Kuppusamy, “PhiDMA–A phishing detection model with multi-filter approach”, Journal of King Saud University-Computer and Information Sciences, 2017, doi: 10.1016/j.jksuci.2017.07.005.

M. Moghimi, and A. Y. Varjani, “New rule-based phishing detection method”, Expert systems with applications, vol. 53, pp. 231-242, 2016, doi: 10.1016/j.eswa.2016.01.028.

N. Abdelhamid, A. Ayesh, and F. Thabtah, “Phishing detection based associative classification data mining”, Expert Systems with Applications, vol. 41, no. 13, pp. 5948-5959, 2014, doi: 10.1016/j.eswa.2014.03.019.

C. L. Tan, K. L. Chiew, and K. Wong, “PhishWHO: Phishing webpage detection via identity keywords extraction and target domain name finder”, Decision Support Systems, vol. 88, pp. 18-27, 2016, doi: 10.1016/j.dss.2016.05.005.

G. Ramesh, J. Gupta, and P. G. Gamya, “Identification of phishing webpages and its target domains by analyzing the feign relationship”, Journal of Information Security and Applications, vol. 35, pp. 75-84, 2017, doi: 10.1016/j.jisa.2017.06.001.

R. Islam, and J. Abawajy, “A multi-tier phishing detection and filtering approach”, Journal of Network and Computer Applications, vol. 36, no. 1, pp. 324-335, 2013, doi: 10.1016/j.jnca.2012.05.009.

Y. Li, R. Xiao, J. Feng, and L. Zhao, “A semi-supervised learning approach for detection of phishing webpages”, Optik-International Journal for Light and Electron Optics, vol. 124, no. 23, pp. 6027-6033, 2013, doi: 10.1016/j.ijleo.2013.04.078.

Y. Li, L. Yang, and J. Ding, “A minimum enclosing ball-based support vector machine approach for detection of phishing websites”, Optik-International Journal for Light and Electron Optics, vol. 127, no. 1, pp. 345-351, 2016, doi: 10.1016/j.ijleo.2015.10.078.

G. Ramesh, I. Krishnamurthi, and K. S. S. Kumar, “An efficacious method for detecting phishing webpages through target domain identification”, Decision Support Systems, vol. 61, pp. 12-22, 2014.

J. Mao, W. Tian, P. Li, T. Wei, and Z. Liang,. “Phishing-Alarm: Robust and Efficient Phishing Detection via Page Component Similarity”, IEEE Access, vol. 5, pp. 17020-17030, 2017, doi: 10.1109/ACCESS.2017.2743528.