Abstract
In this paper we present a hybrid system to protect private data from phishing attacks. Our solution uses intrusion detection methods to identify potential phishing emails then relies on web crawlers to validate or reject this suspicion. We also use external information coming through RDF Site Summaries (RSS) alerts about potential phishing sites. Our two-layered phishing detection system reside on the server of the organization, thus it is not vulnerable to blocking attacks targeting web browsers.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
The Anti-Phishing Working Group (APWG): http://www.antiphishing.org
Financial Service Technology Consortium (FSTC): North-America based financial institutions, technology vendors, independent research organizations and government agency, available at: http://www.fstc.org/projects/docs/FSTC_Counter_Phishing_Project_Whitepaper.pdf
Chen, Y., Ma, W.-Y., Zhang, H.-J.: Detecting Web Page Structure for Adaptive Viewing on Small Form Factor Devices. In: WWW 2003 (May 20-24, 2003)
Fette, I., Sadeh, N., Thomasic, A.: Learning to Detect Phishing Emails. WWW ( to appear, 2007), available at: http://www.cs.cmu.edu/~tomasic/doc/2007/FetteSadehTomasicWWW2007.pdf
Chou, N., Ledesma, R., Teraguchi, Y., Boneh, D., Mitchell, J.C.: Client-side defense against web-based identity theft (Webspoof), available at: http://www.crypto.stanford.edu/SpoofGuard/webspoof.pdf
Provos, N.: A Virtual Honeypot Framework. available at: http://www.niels.xtdnet.nl/papers/honeyd.pdf
Vanderavero, N., Brouckaert, X., Bonaventure, O., Charlier, B.L.: The HoneyTank.: A Scalable Approach to collect malicious Internet Traffic. In: international infrastructure survivability workshop (IISW 2004) 2004, held in conjunction with the 25th IEEE International Real-time systems symposium (RTSS 2004), IEEE Computer Society Press, Los Alamitos (2004), Paper available at http://www.info.ucl.ac.be/people/OBO/papers/honeytank.pdf
Zhang, Y., Hong, J., Cranor, L.: CANTINA: A Content Based Approach to Detecting Phishing Sites. WWW (to appear, 2007), available at www.cups.cs.cmu.edu/trust.php
Wenyin, L., Huang, G., Xiaoyue, L., Min, Z., Deng, X.: Detection of Phishing Webpages based on Visual Similarity. WWW (May 10-14, 2005) Chiba, Japan (2005)
Cordero, A., Blain, T.: Catching Phish: Detecting Phishing Attacks From Rendered website Images. available at: http://www.cs.berkeley.edu/~asimma/294-fall06/projects/reports/cordero.pdf
RSS Feeds. available at: http://en.wikipedia.org/
The Wdiff tool. available at: http://www.gnu.org/software/wdiff/wdiff.html
An HTML parser. available at: http://htmlparser.sourceforge.net/
The Apache SpamAssassin Project. available at: http://spamassassin.apache.org/
Apple Mac OS X Safari Browser. available at: http://www.apple.com/macosx/features/safari/
Safari Cocoa Plugin. Available at: http://developer.apple.com/internet/safari/
GNU Octave. Available at: http://www.gnu.org/software/octave/
ImageMagick. Available at: http://www.imagemagick.org/script/index.php
The Darknet Project. Available at: http://www.cymru.com/Darknet/
The R-Project. Available at: http://www.r-project.org/
Lucene Nutch. http://www.lucene.apache.org/nutch
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Pamunuwa, H., Wijesekera, D., Farkas, C. (2007). An Intrusion Detection System for Detecting Phishing Attacks. In: Jonker, W., Petković, M. (eds) Secure Data Management. SDM 2007. Lecture Notes in Computer Science, vol 4721. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-75248-6_13
Download citation
DOI: https://doi.org/10.1007/978-3-540-75248-6_13
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-75247-9
Online ISBN: 978-3-540-75248-6
eBook Packages: Computer ScienceComputer Science (R0)