Decisive Heuristics to Differentiate Legitimate from Phishing Sites

Author

Gastellier-Prevost, Sophie ; Granadillo, Gustavo Gonzalez ; Laurent, Maryline

Author_Institution

Telecom SudParis, CNRS Samovar, Inst. Telecom, Evry, France

fYear

2011

fDate

18-21 May 2011

Firstpage

1

Lastpage

9

Abstract

Phishing attacks are a major concern for preserving Internet users privacy, especially when most of them lead to financial data theft by combining both social engineering and spoofing techniques. As blacklists are not the most effective in detecting phishing sites because of their short lifetime, heuristics appears as a privileged way at time 0. Several previous studies discussed the different types of phishing characteristics that can help defining heuristics tests, as well as comparing them to blacklists. In our paper, we studied heuristics using a different approach. Based on the characteristics of phishing URLs and webpages, we defined 20 heuristics tests and implemented them in our own active anti-phishing toolbar (Phishark). Then, we tested the heuristics effectiveness and determined which heuristics are decisive to differentiate legitimate from phishing sites.

Keywords

Internet; Web sites; computer crime; computer network security; Internet user privacy preservation; antiphishing toolbar; decisive heuristics; phishing URLs; phishing Web pages; phishing sites; social engineering; spoofing techniques; Browsers; HTML; IP networks; Internet; Protocols; Security; World Wide Web;

fLanguage

English

Publisher

ieee

Conference_Titel

Network and Information Systems Security (SAR-SSI), 2011 Conference on

Conference_Location

La Rochelle

Print_ISBN

978-1-4577-0735-3

Type

conf

DOI

10.1109/SAR-SSI.2011.5931389

Filename

5931389