Title :
Automating phishing website identification through deep MD5 matching
Author :
Wardman, Brad ; Warner, Gary
Author_Institution :
Comput. & Inf. Sci., Univ. of Alabama at Birmingham, Birmingham, AL
Abstract :
The timeliness of phishing incident response is hindered by the need for human verification of whether suspicious URLs are actually phishing sites. This paper presents a method for automating the determination, and demonstrates the effectiveness of this method in reducing the number of suspicious URLs that need human review through a method of comparing new URLs and their associated Web content with previously archived content of confirmed phishing sites. The results can be used to automate shutdown requests, to supplement traditional ldquoURL black listrdquo toolbars allowing blocking of previously unreported URLs, or to indicate dominant phishing site patterns which can be used to prioritize limited investigative resources.
Keywords :
Web sites; computer crime; telecommunication security; MD5 matching; URL; Web content; human verification; phishing Website identification; phishing incident response; phishing site; Computer crime; Delay; Face; Forensics; HTML; Humans; Internet; Security; Statistics; Uniform resource locators; Brand-matching; Campaigns; Detection; Phishing;
Conference_Titel :
eCrime Researchers Summit, 2008
Conference_Location :
Atlanta, GA
Print_ISBN :
978-1-4244-2969-1
DOI :
10.1109/ECRIME.2008.4696972
