"Phishers" - fraud artists who try to gain personal information like bank-account numbers from unsuspecting Internet users - are constantly trolling for their next catch.
A new technology developed at the University of Arizona is attracting some attention as a way to blunt one big phish-hook: fake websites.
A team led by current and former members of the Artificial Intelligence Laboratory at the UA's Eller College of Management has developed a prototype system to automatically detect fake sites.
When tested against other existing, commercial systems, the UA system resulted in more effective and more accurate detections of spoof sites, spotting them better than a human can.
The project has gotten some major exposure in MIS - management information systems - circles.
The UA team's article, "Detecting Fake Websites: The Contribution of Statistical Learning Theory," was published last year in an issue of MIS Quarterly, a major journal, and has since been named the peer-reviewed journal's top paper for 2010.
The team was led by UA alumnus Ahmed Abbasi, now a University of Virginia assistant professor of information technology.
Hsinchun Chen, the UA Artificial Intelligence Lab director and a internationally respected researcher, was Abbasi's adviser and one of the paper's five authors.
Chen said the project grew partly out of the UA lab's longtime work on tracking the "Dark Web" - the darker side of the Internet, including terrorist websites - for agencies including the National Science Foundation and the Department of Defense.
Abbasi developed the mathematical formula the team eventually used while working as a project lead and research associate. Other co-authors are UA Eller College's department of management information systems faculty members Zhu Zhang and Jay F. Nunamaker Jr.; and David Zimbra, a doctoral student.
Chen said better fraud-detection software is needed to keep up with rapidly adapting website fakers.
"Fake websites change very quickly and are becoming more sophisticated," said Chen, who has directed the UA Artificial Intelligence Lab since arriving in 1990.
The UA team's answer was to create a program that dynamically "learns" the various cues that mark a bogus website.
"Our approach allows the system to learn those (fraud) signatures automatically, and you can change it much quicker. ... It's just much more sophisticated."
The UA team developed five categories with thousands of cues, finding the best results by utilizing thousands of highly visible and also deeply embedded cues, such as page element placement, URL length, the number of links, character types on the site and how thorough the site's "frequently asked questions" section is detailed, among other features.
The technology "definitely has a high commercialization potential," Chen said, noting that the team's materials have been copyrighted and could possibly be patented through the UA and picked up by a company willing to pay for further development.
Chen knows something about spinning off technology into the marketplace.
He founded Knowledge Computing Corp. to commercialize a sophisticated database-analysis software that came to be known as Coplink, which is used by many law-enforcement agencies.
In 2009, Knowledge Computing was acquired for $40 million by a major private equity firm and later merged with i2, an industry leader in crime analytics.
Last week, i2, which has about 100 employees in Tucson, was acquired by computing giant IBM Corp. for an undisclosed amount.
Contact Assistant Business Editor David Wichner at email@example.com or 573-4181.