Title :
Online Detection and Prevention of Phishing Attacks
Author :
Chen, Juan ; Guo, Chuanxiong
Author_Institution :
Inst. of Commun. Eng., Nanjing
Abstract :
Phishing is a new type of network attack where the attacker creates a replica of an existing Web page to fool users (e.g., by using specially designed e-mails or instant messages) into submitting personal, financial, or password data to what they think is their service providers´ Web site. In this paper, we propose a new end-host based anti-phishing algorithm, which we call LinkGuard, by utilizing the generic characteristics of the hyperlinks in phishing attacks. These characteristics are derived by analyzing the phishing data archive provided by the anti-phishing working group (APWG). Because it is based on the generic characteristics of phishing attacks, LinkGuard can detect not only known but also unknown phishing attacks. We have implemented LinkGuard in Windows XP. Our experiments verified that LinkGuard is effective to detect and prevent both known and unknown phishing attacks with minimal false negatives. LinkGuard successfully detects 195 out of the 203 phishing attacks. Our experiments also showed that LinkGuard is lightweighted and can detect and prevent phishing attacks in real-time.
Keywords :
Web sites; security of data; LinkGuard; Web page; Web site; Windows XP; anti-phishing working group; e-mails; end-host based anti-phishing algorithm; instant messages; network attack; online phishing attack detection; phishing attack prevention; phishing data archive; Computer hacking; Contracts; Counterfeiting; Credit cards; Data analysis; Electronic mail; National security; Uniform resource locators; Web page design; Web pages; Hyperlink; LinkGuard algorithm; Network security; Phishing attacks;
Conference_Titel :
Communications and Networking in China, 2006. ChinaCom '06. First International Conference on
Conference_Location :
Beijing
Print_ISBN :
1-4244-0463-0
Electronic_ISBN :
1-4244-0463-0
DOI :
10.1109/CHINACOM.2006.344718
