Title :
A Sender-Centric Approach to Detecting Phishing Emails
Author :
Sanchez, F. ; Zhenhai Duan
Author_Institution :
Florida State Univ., Tallahassee, FL, USA
Abstract :
Email-based online phishing is a critical security threat on the Internet. Although phishers have great flexibility in manipulating both the content and structure of phishing emails, phishers have much less flexibility in completely concealing the sender information of a phishing message. Importantly, such sender information is often inconsistent with the target institution of a phishing email. Based on this observation, in this paper we advocate and develop a sender-centric approach to detecting phishing emails by focusing on the sender information of a message instead of the content or structure of the message. Our evaluation studies based on real-world email traces show that the sender-centric approach is a feasible and effective method in detecting phishing emails. For example, using an email trace containing both phishing and legitimate messages, we show that the sender-centric approach can detect 98.7% of phishing emails while correctly classifying all legitimate messages.
Keywords :
Internet; computer crime; computer network security; unsolicited e-mail; Internet; critical security threat; email trace; email-based online phishing; phishing email content; phishing email detection; phishing email structure; phishing message; sender information; sender-centric approach; Phishing; Phishing email detection; Phishing emails;
Conference_Titel :
Cyber Security (CyberSecurity), 2012 International Conference on
Conference_Location :
Washington, DC
Print_ISBN :
978-1-4799-0219-4
DOI :
10.1109/CyberSecurity.2012.11
