Title :
Decisive Heuristics to Differentiate Legitimate from Phishing Sites
Author :
Gastellier-Prevost, Sophie ; Granadillo, Gustavo Gonzalez ; Laurent, Maryline
Author_Institution :
Telecom SudParis, CNRS Samovar, Inst. Telecom, Evry, France
Abstract :
Phishing attacks are a major concern for preserving Internet users privacy, especially when most of them lead to financial data theft by combining both social engineering and spoofing techniques. As blacklists are not the most effective in detecting phishing sites because of their short lifetime, heuristics appears as a privileged way at time 0. Several previous studies discussed the different types of phishing characteristics that can help defining heuristics tests, as well as comparing them to blacklists. In our paper, we studied heuristics using a different approach. Based on the characteristics of phishing URLs and webpages, we defined 20 heuristics tests and implemented them in our own active anti-phishing toolbar (Phishark). Then, we tested the heuristics effectiveness and determined which heuristics are decisive to differentiate legitimate from phishing sites.
Keywords :
Internet; Web sites; computer crime; computer network security; Internet user privacy preservation; antiphishing toolbar; decisive heuristics; phishing URLs; phishing Web pages; phishing sites; social engineering; spoofing techniques; Browsers; HTML; IP networks; Internet; Protocols; Security; World Wide Web;
Conference_Titel :
Network and Information Systems Security (SAR-SSI), 2011 Conference on
Conference_Location :
La Rochelle
Print_ISBN :
978-1-4577-0735-3
DOI :
10.1109/SAR-SSI.2011.5931389
