近年來釣魚網站數量不斷的在增加和進化，許多釣魚網站的製作者還會使用時事話題或是熱門話題來吸引使用者上當，像是以線上購物有專屬優惠、COVID-19的相關消息…等，網路釣魚在網路的世界中是隨處可見的，這顯然已經成為網路使用者的重大網路安全威脅。在本論文中，我們提出了一種三階段架構式的釣魚網站檢測方法，其依序分為網址黑白名單比對、圖像白名單比對和OCR白名單比對，架構式的檢測流程會使用到相對較多種的演算法，與以往僅使用單一演算法檢測較為不同；由於不同的演算法中的優缺點也不會一樣，因此使用架構式的檢測可以有效整合單一演算法的優缺點並互相補足。除此之外，我們會將已檢測過並且是經過OCR白名單比對後才有結果的網站之網址，依其檢測結果加入至網址黑名單或網址白名單中，更新網址黑白名單的動作是為了避免有重複的輸入檢測而降低檢測的效率，尤其OCR白名單的比對時間較長。
本實驗目前是以中文版以及英文版的Facebook網站為範例來檢測是否為Facebook的相關釣魚網站。經過實驗證明，我們所提出的架構式檢測方法準確率為98.71%，準確率確實皆優於僅使用架構式中各階段的單一比對演算法；由於使用不同的比對方法會在檢測花費的時間上有所差異，但是在正常情況下都不會超過一秒，因此也都是大多數使用者可以接受的範圍內。

In recent years, the number of phishing websites has continued to increase and evolve. Many phishing website creators also use current affairs topics or hot topics to attract users to be fooled, such as online shopping exclusive discounts, COVID-19 related news... etc. Phishing is everywhere in the Internet world, which makes it obvious that has become a major cyber security threat for Internet users. In this article, we propose a three-stage architecture phishing website detection method, which is divided into URL black and white list comparison, image white list comparison and OCR white list comparison. The architecture detection process will use a lot of multiple algorithms, which is different from only using a single algorithm for detection in the past. Since the advantages and disadvantages of different algorithms are not the same, using of architecture-based detection can effectively integrate the advantages and disadvantages of a single algorithm and influence each other. In addition, we will add the URL of the detected website and the result of the OCR whitelist comparison to the URL blacklist or URL whitelist based on the detection result. The purpose of updating the URL blacklist and whitelist is to avoid repeated input detection and reduce the detection efficiency, especially when the OCR whitelist takes a long time.

This experiment currently uses the Chinese and English version of the Facebook website as an example to detect whether it is a Facebook-related phishing website. Experiments have proved that the accuracy of our proposed architecture detection method is 98.71%, and the accuracy is indeed better than that of using only a single comparison algorithm at each stage of the architecture. Because of using different comparison methods will cause differences in detection time, but under normal circumstances, it will not exceed one second, so it is within the acceptable range of most users.

目錄
第一章	緒論 1
1.1	研究背景與動機 1
1.2	研究目的	4
1.3	論文架構	6
第二章	技術背景與相關研究 7
2.1	常見的網路釣魚手法 7
2.2	URL網址比對 8
2.3	圖像比對	 12
2.4	OCR光學字元辨識比對 14
2.5	其他相關研究 15
第三章	實驗架構	18
3.1	問題陳述	18
3.2	系統架構及檢測流程 20
3.2.1 研究方法 22
3.2.2 網址比對演算法 25
3.2.3 圖像比對演算法 26
3.2.4 OCR比對演算法 27
第四章 實驗結果與分析 32
4.1 資料集介紹與資料蒐集 32
4.1.1 PhishTank 32
4.1.2 Alexa 33
4.2 績效評估方法	35
4.3  實驗閥值設置 37
4.3.1 圖像比對實驗閥值設定 37
4.3.2  OCR文字比對實驗閥值設定 41
4.3.3 比較整合比對與單一比對實驗 43
4.4 實驗結果 45
4.4.1 圖像比對實驗結果 45
4.4.2 OCR文字比對實驗結果 47
4.4.3 架構式比對實驗結果 49
4.4.4 實驗結果分析 51
第五章 結論 55
參考文獻 57


圖目錄
圖1-1  2020年phishing activity 1
圖1-2  釣魚郵件誘使使用者點擊鏈接 3
圖2-1  V. Y. Kulkarni等人提出的檢測演算法流程 10
圖2-2  URL特徵檢測演算法 11
圖2-3  Web Crawler based Phishing Attack Detector 17
圖3-1  Google的釣魚網站頁面 19
圖3-2  Google的正常網站頁面 20
圖3-3  Alexa對台灣網站使用的排名 21
圖3-4  檢測流程圖 24
圖3-5  向量之間夾角為θ 28
圖3-6  餘弦相似度計算過程 31
圖4-1  蒐集網頁的資訊 34
圖4-2  一般圖像比對相似度	38
圖4-3  進階圖像比對相似度	40
圖4-4  OCR文字比對相似度	42
圖4-5  比對實驗的結果比較	44
圖4-6  圖像比對的評估指標	46
圖4-7  OCR比對的評估指標	48
圖4-8  架構式比對的評估指標 50
圖4-9  三種比對實驗的評估指標 52
圖4-10 比對平均花費時間(秒) 54
圖4-11 各階段被檢測出來的平均花費時間(秒) 54


表目錄
表1  檢測後的四種結果 35

參考文獻
[1]	Varsharani Ramdas Hawanna, V. Y. Kulkarni, and R. A. Rane, ❝A novel algorithm to detect phishing URLs,❞ 2016 International Conference on Automatic Control and Dynamic Optimization Techniques (ICACDOT) , Pune, India, 2016. 
[2]	Luong Anh Tuan Nguyen, Ba Lam To, Huu Khuong Nguyen, and Minh Hoang Nguyen, ❝A novel approach for phishing detection using URL-based heuristic,❞ 2014 International Conference on Computing, Management and Telecommunications (ComManTel), Da Nang, Vietnam, 2014.
[3]	黃冠龍, ❝特定企業之視覺化釣魚網站偵測,❞ 國立台灣科技大學電機工程系碩士學位論文, 2019.
[4]	Ankit Kumar Jain and B. B. Gupta, ❝Phishing Detection: Analysis of Visual Similarity Based Approaches,❞ Security and Communication Networks, vol. 2017, National Institute of Technology, Kurukshetra, India, 2017.
[5]	Jian Mao, Wenqian Tian; Pei Li, Tao Wei and Zhenkai Liang, ❝Phishing-Alarm: Robust and Efficient Phishing Detection via Page Component Similarity,❞ IEEE Access ( Volume: 5), 2017.
[6]	Yunjia Wang and Ishbel Duncan, ❝A Novel Method to Prevent Phishing by using OCR Technology,❞ 2019 International Conference on Cyber Security and Protection of Digital Services (Cyber Security), Oxford, UK, 2019.
[7]	Pradeep Singh, Niti Jain and Ambar Maini, ❝Investigating the effect of feature selection and dimensionality reduction on phishing website classification problem,❞ 2015 1st International Conference on Next Generation Computing Technologies (NGCT), Dehradun, India, 2015.
[8]	Mustafa Aydin and Nazife Baykal, ❝Feature extraction and classification phishing websites based on URL,❞ 2015 IEEE Conference on Communications and Network Security (CNS), Florence, Italy, 2015.
[9]	Priyanka Singh, Yogendra P.S. Maravi and Sanjeev Sharma ❝Phishing websites detection through supervised learning networks,❞  2015 International Conference on Computing and Communications Technologies (ICCCT), Chennai, India, 2015.
[10]	Guang Xiang, Jason Hong ,Carolyn P. Rose and Lorrie Cranor, ❝CANTINA+: A Feature-Rich Machine Learning Framework for Detecting Phishing Web Sites,❞ ACM Transactions on Information and System Security, Volume 14, Issue 2, September 2011, pp 1–28. 
[11]	Ankit Kumar Jain and B. B. Gupta, ❝Comparative analysis of features based machine learning approaches for phishing detection,❞ 2016 3rd International Conference on Computing for Sustainable Global Development (INDIACom), New Delhi, India, 2016.
[12]	游文傑, ❝透過不涉及內容的特徵和圖形分析辨別釣魚和嘞所軟體網站,❞ 國立台灣科技大學資訊工程學系碩士學位論文, 2017.

[13]	T. Nathezhtha, D. Sangeetha, and V. Vaidehi, ❝WC-PAD: Web                     Crawling based Phishing Attack Detection,❞ 2019 International Carnahan Conference on Security Technology (ICCST),  Chennai, India, 2019.
[14]	CSDN, ❝Ratio()函數,❞ 05 2020, Available: https://blog.csdn.net/qq_27586341/article/details/106054086, [存取日期: 06 2021].
[15]	codertw, ❝圖像檢索系列—利用Python檢測圖像相似度：感知哈希算法,❞ 07 2020, Available:
https://codertw.com/%E7%A8%8B%E5%BC%8F%E8%AA%9E%E8%A8%80/730500/, [存取日期: 06 2021].
[16] kknews, ❝漢明距離(Hamming Distance) ,❞ 12 2017,Available：https://kknews.cc/code/x35bp38.html [存取日期: 06 2021].
[17] CSDN, ❝Python實現文本相似度比較分析,❞ 01 2020 Avaliable:
https://blog.csdn.net/Zhangguohao666/article/details/103948581, [存取日期: 06 2021].
[18] wikipedia, ❝餘弦相似性,❞ Avaliable:
https://zh.wikipedia.org/wiki/%E4%BD%99%E5%BC%A6%E7%9B%B8%E4%BC%BC%E6%80%A7 , [存取日期: 06 2021].
[19] trendmicro, ❝雲端電子郵件威脅趁 COVID-19 疫情作亂,❞ Avaliable:
https://www.trendmicro.com/zh_tw/about/newsroom/press-releases/2021/2021-03-11.html , [存取日期: 06 2021].
[20] designhu, ❝什麼是URL網址IP？, ❞ Avaliable:
https://www.design-hu.com/web-news/domain.html , [存取日期: 06 2021].