Scalable Detection and Isolation of Phishing

  • Giovane C. M. Moura
  • Aiko Pras
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5637)


This paper presents a proposal for scalable detection and isolation of phishing. The main ideas are to move the protection from end users towards the network provider and to employ the novel bad neighbourhood concept, in order to detect and isolate both phishing e-mail senders and phishing web servers. In addition, we propose to develop a self-management architecture that enables ISPs to protect their users against phishing attacks, and explain how this architecture could be evaluated. This proposal is the result of half a year of research work at the University of Twente (UT), and it is aimed at a Ph.D. thesis in 2012.


  1. 1.
    Herley, C., Florencio, D.: A profitless endeavor: Phishing as tragedy of the commons. In: Proc. of the ACM SIGSAC New Security Paradigms Workshop, Lake Tahoe, California, USA (September 2008)Google Scholar
  2. 2.
    McCall, T.: Gartner survey shows phishing attacks escalated in 2007 (2008)Google Scholar
  3. 3.
    Dhamija, R., Tygar, J.D., Hearst, M.: Why phishing works. In: CHI 2006: Proceedings of the SIGCHI conference on Human Factors in computing systems, pp. 581–590. ACM, New York (2006)Google Scholar
  4. 4.
    Kumaraguru, P., Sheng, S., Acquisti, A., Cranor, L.F., Hong, J.: Lessons from a real world evaluation of anti-phishing training. In: eCrime Researchers Summit, pp. 1–12 (2008)Google Scholar
  5. 5.
    Fette, I., Sadeh, N., Tomasic, A.: Learning to detect phishing emails. In: WWW 2007: Proceedings of the 16th international conference on World Wide Web, pp. 649–656. ACM, New York (2007)Google Scholar
  6. 6.
    Zhang, Y., Egelman, S., Cranor, L.F., Hong, J.: Phinding phish: Evaluating anti-phishing tools. In: Proceedings of the 14th Annual Network and Distributed System Security Symposium (NDSS 2007), San Diego, CA, USA (2007)Google Scholar
  7. 7.
    Dhamija, R., Tygar, J.D.: The battle against phishing: Dynamic security skins. In: SOUPS 2005: Proceedings of the 2005 symposium on Usable privacy and security, pp. 77–88. ACM, New York (2005)CrossRefGoogle Scholar
  8. 8.
    Phishing Protection Design Documentation (2009),
  9. 9.
    Cyveillance Anti-Phishing (2009),
  10. 10.
    British Telecom Managed Security Services (2009),
  11. 11.
    Irwin, B., Pilkington, N.: High level internet scale traffic visualization using hilbert curve mapping. In: VizSEC 2007: Proceedings of the Workshop on Visualization for Computer Security, pp. 147–158. Springer, Heidelberg (2007)Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2009

Authors and Affiliations

  • Giovane C. M. Moura
    • 1
  • Aiko Pras
    • 1
  1. 1.Design and Analysis of Communication Systems (DACS)University of TwenteEnschedeThe Netherlands

Personalised recommendations