Secure web referral service

Security has become a major concern while browsing as the number of malicious sites keeps increasing with the cost for hosting a site decreasing. Though most of the web servers use Secure Socket Layer (SSL) over HTTP (Hyper Text Transfer Protocol) to ensure trust between consumers and providers, SSL is vulnerable to Man-In-The-Middle (MITM) attack and becoming very common these days. Phishing is another major problem, which has increased rapidly over the years. In this paper we present a novel secure web referral service using Secure Search Engine (SSE), which would resolve phishing and MITM attacks for web based applications. SSE is based on web crawling technology with a set of checking services to validate IP addresses and certificate chains. Additionally, we present a novel phishing filter that can be used to check any given URLs with minimal delay. Our solution is non-intrusive and reduces human factors, which are commonly in existing web-based services, in security verification processes. Our evaluation shows that our solutions produce less false positive and false negative than existing web browser-based anti-phishing solutions.