lindsey98 / PhishIntention

PhishIntention: Phishing detection through webpage intention
Creative Commons Zero v1.0 Universal
48 stars 13 forks source link

About testing #18

Closed Fujiaoji closed 1 year ago

Fujiaoji commented 1 year ago

Hi, hope you doing well.

I am working on testing some websites using this algorithm. If I only want to get the result of phishing or not, and there target brands, is there any difference between run.py and pipeline_eval.py/phishintention_eval? I saw the code of phishintention_eval and found that there is no dynamic process (the step 4). So if directly run the "run.py" without linked websites, will there have big difference? [Same question to the Phishpedia and PhishIntention project]

Besides, to get the websites' results of phishing or not and target brands' information, do I need to prepare all websites' linked websites for the step 4?

Thank you.

Fujiaoji commented 1 year ago

I saw your answer to #6, so we don't need to download the linked webpage in advance, right? Thanks

Fujiaoji commented 1 year ago

Hi, hope you doing well.

I am working on testing some websites using this algorithm. If I only want to get the result of phishing or not, and there target brands, is there any difference between run.py and pipeline_eval.py/phishintention_eval? I saw the code of phishintention_eval and found that there is no dynamic process (the step 4). So if directly run the "run.py" without linked websites, will there have big difference? [Same question to the Phishpedia and PhishIntention project]

Besides, to get the websites' results of phishing or not and target brands' information, do I need to prepare all websites' linked websites for the step 4?

Thank you.

I also test about 10 samples and find that phishpedia got a better result than phishintention. Is this possible? I use the code of phishpedia and phishintention project. Since Phishintention is based on Phishpedia, so I think it should be better than phishpedia. So I am confusing why it get the result. I will also test more samples. The first one is phishintention, the second is from phishpedia. Thanks.

image image
lindsey98 commented 1 year ago

Hi Fujiao, Thanks for your interest. It is possible that Phishpedia reports more phishing. Because the idea of PhishIntention is to avoid False Positive by checking whether the page is credential-requiring. Therefore, PhishIntention is more conservative.

lindsey98 commented 1 year ago

Hi, hope you doing well.

I am working on testing some websites using this algorithm. If I only want to get the result of phishing or not, and there target brands, is there any difference between run.py and pipeline_eval.py/phishintention_eval? I saw the code of phishintention_eval and found that there is no dynamic process (the step 4). So if directly run the "run.py" without linked websites, will there have big difference? [Same question to the Phishpedia and PhishIntention project]

Besides, to get the websites' results of phishing or not and target brands' information, do I need to prepare all websites' linked websites for the step 4?

Thank you.

Hi, Yes, the pipeline_eval.py doesn't include the dynamic interaction part. Dynamic interaction tries to find a credential-requiring page on-the-fly if the landing page is not. But it also introduces more runtime overhead. So it depends on whether you favor runtime over completeness. You don't need to take the screenshot for the linked page, but the phishing URL should be alive at the time of interaction.

Fujiaoji commented 1 year ago

Hi, hope you doing well. I am working on testing some websites using this algorithm. If I only want to get the result of phishing or not, and there target brands, is there any difference between run.py and pipeline_eval.py/phishintention_eval? I saw the code of phishintention_eval and found that there is no dynamic process (the step 4). So if directly run the "run.py" without linked websites, will there have big difference? [Same question to the Phishpedia and PhishIntention project] Besides, to get the websites' results of phishing or not and target brands' information, do I need to prepare all websites' linked websites for the step 4? Thank you.

Hi, Yes, the pipeline_eval.py doesn't include the dynamic interaction part. Dynamic interaction tries to find a credential-requiring page on-the-fly if the landing page is not. But it also introduces more runtime overhead. So it depends on whether you favor runtime over completeness. You don't need to take the screenshot for the linked page, but the phishing URL should be alive at the time of interaction.

Thanks for your reply. It helps a lot. Have a great day.