Skip to main content
SpringerLink
Log in

An Intrusion Detection System for Detecting Phishing Attacks

  • Conference paper
Secure Data Management (SDM 2007)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 4721))

Included in the following conference series:

Abstract

In this paper we present a hybrid system to protect private data from phishing attacks. Our solution uses intrusion detection methods to identify potential phishing emails then relies on web crawlers to validate or reject this suspicion. We also use external information coming through RDF Site Summaries (RSS) alerts about potential phishing sites. Our two-layered phishing detection system reside on the server of the organization, thus it is not vulnerable to blocking attacks targeting web browsers.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. The Anti-Phishing Working Group (APWG): http://www.antiphishing.org

  2. Financial Service Technology Consortium (FSTC): North-America based financial institutions, technology vendors, independent research organizations and government agency, available at: http://www.fstc.org/projects/docs/FSTC_Counter_Phishing_Project_Whitepaper.pdf

  3. Chen, Y., Ma, W.-Y., Zhang, H.-J.: Detecting Web Page Structure for Adaptive Viewing on Small Form Factor Devices. In: WWW 2003 (May 20-24, 2003)

    Google Scholar 

  4. Fette, I., Sadeh, N., Thomasic, A.: Learning to Detect Phishing Emails. WWW ( to appear, 2007), available at: http://www.cs.cmu.edu/~tomasic/doc/2007/FetteSadehTomasicWWW2007.pdf

  5. Chou, N., Ledesma, R., Teraguchi, Y., Boneh, D., Mitchell, J.C.: Client-side defense against web-based identity theft (Webspoof), available at: http://www.crypto.stanford.edu/SpoofGuard/webspoof.pdf

  6. Provos, N.: A Virtual Honeypot Framework. available at: http://www.niels.xtdnet.nl/papers/honeyd.pdf

  7. Vanderavero, N., Brouckaert, X., Bonaventure, O., Charlier, B.L.: The HoneyTank.: A Scalable Approach to collect malicious Internet Traffic. In: international infrastructure survivability workshop (IISW 2004) 2004, held in conjunction with the 25th IEEE International Real-time systems symposium (RTSS 2004), IEEE Computer Society Press, Los Alamitos (2004), Paper available at http://www.info.ucl.ac.be/people/OBO/papers/honeytank.pdf

    Google Scholar 

  8. Zhang, Y., Hong, J., Cranor, L.: CANTINA: A Content Based Approach to Detecting Phishing Sites. WWW (to appear, 2007), available at www.cups.cs.cmu.edu/trust.php

  9. Wenyin, L., Huang, G., Xiaoyue, L., Min, Z., Deng, X.: Detection of Phishing Webpages based on Visual Similarity. WWW (May 10-14, 2005) Chiba, Japan (2005)

    Google Scholar 

  10. Cordero, A., Blain, T.: Catching Phish: Detecting Phishing Attacks From Rendered website Images. available at: http://www.cs.berkeley.edu/~asimma/294-fall06/projects/reports/cordero.pdf

  11. RSS Feeds. available at: http://en.wikipedia.org/

  12. The Wdiff tool. available at: http://www.gnu.org/software/wdiff/wdiff.html

  13. An HTML parser. available at: http://htmlparser.sourceforge.net/

  14. The Apache SpamAssassin Project. available at: http://spamassassin.apache.org/

  15. Apple Mac OS X Safari Browser. available at: http://www.apple.com/macosx/features/safari/

  16. Safari Cocoa Plugin. Available at: http://developer.apple.com/internet/safari/

  17. GNU Octave. Available at: http://www.gnu.org/software/octave/

  18. ImageMagick. Available at: http://www.imagemagick.org/script/index.php

  19. The Darknet Project. Available at: http://www.cymru.com/Darknet/

  20. The R-Project. Available at: http://www.r-project.org/

  21. Lucene Nutch. http://www.lucene.apache.org/nutch

Download references

Author information

Authors and Affiliations

  1. George Mason University, 4400 University Drive, Fairfax, VA, 22030, USA

    Hasika Pamunuwa & Duminda Wijesekera

  2. University of South Carolina, Columbia, 29208, SC,  

    Csilla Farkas

Authors
  1. Hasika Pamunuwa
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Duminda Wijesekera
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Csilla Farkas
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Willem Jonker Milan Petković

Rights and permissions

Reprints and permissions

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Pamunuwa, H., Wijesekera, D., Farkas, C. (2007). An Intrusion Detection System for Detecting Phishing Attacks. In: Jonker, W., Petković, M. (eds) Secure Data Management. SDM 2007. Lecture Notes in Computer Science, vol 4721. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-75248-6_13

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-75248-6_13

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-75247-9

  • Online ISBN: 978-3-540-75248-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation