Cyber Crime- the major concern.
Internet frauds affect the rapidly growing online
E-commerce is the main target.
Social communication sites and mail service are
also victim of them.
Phishing is an alarming threat.
Technical steps needed to defend them.
Phishing attacks succeed if users fail to detect
Previous anti-phishing falls into four categories:
Study on phishing
Previous works deals with limited service.
Our approach- Development of an automated
phishing detection method.
A criminal trick of stealing sensitive personal
Fooled user and push them to fall in the trick.
Use social engineering and technical strategy.
Mainly, duplicate original web-pages.
First describe in 1987.
ATTRIBUTES OF PHISHING
Similar appearance of web-page.
IP based URL & Non Matching URL.
URL contain abnormal characters.
Using script or add-in to web browser to cover the
According to APWG
According to PhishTank
Phishes Verified as Valid Suspected Phishes
Total 531086 Total 928206
Online 2770 Online 3021
Offline 528316 Offline 925174
Total phishing attack. (Up to 6th April 2010)
Identify phishing site.
Implementation of secure model.
Eliminating phishing mails.
Monitoring and Takedown.
Step 1: Checking with database
Approach Accuracy Time (second)
IP based URL 100% 17
Exists in phishing database 97% 59
Matching source content 81% 134
Abnormal condition 79% 51
Our approach reduces the ability of attackers to
automate their attacks, cutting into their profitability.
By using the minimal knowledge base provided by
the user-selected web-page, our system is able to
compare potential phishing sites with real sites.
Performance and accuracy can be improved by
using an image segmentation algorithm.
Flash contents can’t be validated whether phishing
threat or not in our system.
Anti-Phishing Working Group (APWG).
http://www.antiphishing.org/ . April 7 2010.
PhishTank. http://www.phishtank.com/. April 6 2010.
Y. Zhang, J. Hong, and L. Cranor. Cantina: A
content-based approach to detecting phishing web
sites. 16th international conference on World Wide
Web in 2007.
Felix, Jerry and Hauck, Chris (September 1987).
"System Security: A Hacker's Perspective". 1987
Interex Proceedings 1: 6.