An Intelligent System for Phish Detection, using Dynamic Analysis and Template Matching
Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 33090
An Intelligent System for Phish Detection, using Dynamic Analysis and Template Matching

Authors: Chinmay Soman, Hrishikesh Pathak, Vishal Shah, Aniket Padhye, Amey Inamdar

Abstract:

Phishing, or stealing of sensitive information on the web, has dealt a major blow to Internet Security in recent times. Most of the existing anti-phishing solutions fail to handle the fuzziness involved in phish detection, thus leading to a large number of false positives. This fuzziness is attributed to the use of highly flexible and at the same time, highly ambiguous HTML language. We introduce a new perspective against phishing, that tries to systematically prove, whether a given page is phished or not, using the corresponding original page as the basis of the comparison. It analyzes the layout of the pages under consideration to determine the percentage distortion between them, indicative of any form of malicious alteration. The system design represents an intelligent system, employing dynamic assessment which accurately identifies brand new phishing attacks and will prove effective in reducing the number of false positives. This framework could potentially be used as a knowledge base, in educating the internet users against phishing.

Keywords: World Wide Web, Phishing, Internet security, data mining.

Digital Object Identifier (DOI): doi.org/10.5281/zenodo.1330609

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1830

References:


[1] David Watson, Thorsten Holz and Sven Mueller, -"Know your enemy: Phishing, behind the scenes of Phishing attacks", The Honeynet Project & Research Alliance.
[2] Rachna Dhamija, J. D. Tygar, Marti Hearst - "Why Phishing works"
[3] HTML element - wikipedia http://en.wikipedia.org/wiki/HTML_element
[4] Anti Phishing Working Group - Phishing Activity Trends Report - September, October 2006, and September 2007.
[5] Levenstein, A., Binary codes capable of correcting deletions, insertions, and reversals. Soviet Physics Doklady 10 (1966):707-710
[6] Jie Zou, Daniel Le and George R. Thoma "Combining DOM tree and geometric layout analysis for onine medical journal article segmentation", National Library of Medicine.
[7] Steven Abney - "Parts Of Speech Tagging (POS) and Partial Parsing", 1996
[8] Dino Esposito, "Browser helper Objects: The Browser the Way You Want It", Microsoft-Corporation http://msdn2.microsoft.com/enus/ library/bb250436.aspx
[9] Min Wu, Robert C. Miller and Greg Little - "Web Wallet: Preventing Phishing attacks by revealing user intentions", MIT Computer Science and Artificial Intelligence Lab.
[10] Jonathan Zdziarski, Weilai Yang and Paul Judge - "Approaches to Phishing identification using match and probabilistic digital fingerprinting techniques.", CipherTrust, Inc.
[11] Suhit Gupta, Gail Kaiser, David Neistadt and Peter Grimm - "DOMbased Content Extraction of HTML Documents".
[12] Tod Beardsley - "Phishing detection and prevention: practical counterfraud solutions".
[13] Min Wu, Robert C. Miller, Simson L. Garfinkel - "Do security toolbars actually prevent Phishing attacks?", MIT Computer Science and Artificial Intelligence Lab.
[14] Lorrie Cranor, Serge Egelman, Jason Hong, and Yue Zhang - "Phinding Phish: An evaluation of anti-Phishing toolbars", CyLab, Carnegie Mellon University.
[15] Sujata Garera, Niels Provos, Monica Chew and Aviel D. Rubin - "A framework for eetection and measurement of Phishing attacks".
[16] http://www.gartner.com/it/page.jsp? id=5 65125
[17] The Zero-Day Attack, PC magazine,
[18] http://www.pcmag.com/article2/0,1759,1880013,00.asp
[19] False positives : Type I and type II errors, wikipedia - http://en.wikipedia.org/wiki/Type_I_and_type_II_errors
[20] Content Distribution Network, Wikipedia - http://en.wikipedia.org/wiki/Coral_Content_Distribution_Network