SlideShare a Scribd company logo

Phish-Secure: An Anti-Phishing Algorithm Using Image Similarity, URL and IP Verification

Download as PPSX, PDF
Shivarajkumar Badiger
Shivarajkumar Badiger

Phishing is a type of online security attack where attackers create fake websites to steal users' personal or financial information. The document proposes an anti-phishing system called "Phish-Secure" that uses three-factor authentication to detect and prevent phishing attacks. It verifies websites by comparing images to databases, checking URLs, blacklisting known phishing IP addresses, and validating destination IP addresses. The system aims to reduce phishing by accurately identifying legitimate websites versus fraudulent impersonations.

1 of 22
PRESENTED BY
• Phishing basics • Introduction • Flow of information in phishing attak • Phishing attacks • Common procedure of phishing attack • Approaches to prevent phishing attack • Proposed system • Flow chart • Conclusion • Reference
• What is phishing? • Why it is called phishing? • Pronounced as „Fishing‟. • The word has its Origin from two words “Password Harvesting” or fishing for Passwords • Also known as "brand spoofing“.
 Phishing is a kind of online security attack where the attacker creates a replica of an existing web page to fool users in order to hack their personal, financial, or password data.  Phishing often directs users to enter details in a fake website who’s URL, look and feel are almost identical to the legitimate one.  The current Anti-Phishing system has failed to prevent Phishing completely.  An Anti-Phishing algorithm is proposed which is termed as “Phish-Secure”.  Phish-Secure utilize a three factor authentication system which successfully detects and prevents all Phishing attacks.
1. A deceptive message is sent from the Phishers to the user. 2. A user provides confidential information to a Phishing server (normally after some interaction with the server). 3. The Phishers obtains the confidential information from the server. 4. The confidential information is used to impersonate the user. 5. The Phishers obtains illicit monetary gain.
 Phishing by URL Obfuscation  For example, the customer may follow a link to http://www.mybank.com.ch/ instead of the original link http://www.mybank.com/ .  This is a fake website for Facebook which looks like same as that of legitimate website. www.sanagustinturismo.co/Facebook/
 Pharming  Pharming is a hacker's attack aiming to redirect a website's traffic to another bogus website.  Pharming can be conducted by either DNS Poisoning or HOSTS file Modification.  DNS poisoning  Attacker hacks into the DNS server and changes the IP address for www.targetsite.com to IP of www.targetsite1.com (Fake page).  So if the user enter the URL in address bar, the computer queries the DNS server for the IP address of www.targetsite.com  Since the DNS server has already been poisoned by the attacker, it returns the IP address of www.targetsite1.com (fake page).  The user will believe it is original website but it is phishing page.
 HOSTS file Modification.  This method is local DNS poisoning.  The host file contains Domain Name and IP address associated with them. Your host file will be in this path:  It will change the fields of hosts so that original website will point to some other fake page.  Other types of pharming attacks involve Trojan horses, worms or other technologies that attack the browser address bar, thus redirecting you to a fraudulent website when you type in a legitimate address.
 Man-in-the-middle Attacks  In this type of attack, the attacker situates themselves between the customer and the real web-based application, and proxies all communications between the systems.  In this the hacker must re-direct the user to his proxy server instead of the real server. This may be carried out through a  DNS Cache Poisoning  URL Obfuscation
Phishing attacks are performed with the following steps: 1) Phishers set up a fake Web site which looks exactly like the legitimate Web site, which includes setting up the web server and create the web pages similar to the destination Website . 2) User receives the e-mail, opens it, click the spoofed hyperlink in the e-mail, and input the required information.
There are several technical and non-technical ways to prevent Phishing attacks:  Educate users to understand how Phishing attacks work and to be alert when Phishing-alike e-mails are received.  Use technical methods to stop Phishing attackers. In this, we only focus on the technical aspect.
Technical approaches to prevent “Phishing” attack.  Detect and block Phishing in time  Detect the Phishing Web sites in time, we can block the sites and prevent Phishing attacks.  DNS Scan  The web master of a legal web site periodically scans the root DNS for suspicious sites. (e.g. www.icci.com vs. www.icici.com)
 Enhance the security of the web sites  The business websites can take new methods to guarantee the security of users personal information.  One method to enhance the security is to use hardware devices. For example, the Barclays bank provides a hand-held card reader to the users.  Use the biometrics characteristic (e.g. voice, fingerprint, iris, etc.) for user authentication.  Install online anti-Phishing software in user’s computers  Install anti-Phishing tools in their computers .  The anti-Phishing tools are categorized as: blacklist/White list based.
A. Image Similarity Detection:  Image similarity detection is done which helps in finding out which page the user tends to visit, then it is checked for Phishing.  For this purpose a system captures the image of a webpage in a particular resolution in the required format. This image is termed as Visual image.  If the attacker is going to create a Phishing site he is going to use the replica of the original webpage in order to fool the users.  Phish-Secure make a comparison to find out the similarity between the visited page and the page in the database.
Table of Sample Database Structure  The similarity is obtained in means of percentage, if the percentage of similarity (PS) is greater than 99 % then Phish-Secure concludes which website the user is tending to visit.
B. Factor 1: URL Verification.  When the user visits any site the Phish-Secure immediately grabs the URL of the visited page. If the visited page URL is encoded Phish-Secure decodes it.  Then a comparison is made between the actual URL and the visual URL if they are same further verification is carried out. On the other hand if they are different Phish-Secure identifies the particular website as Phishing.
C. Factor 2: Black Listing (Based On IP):  When the user visits a webpage Phish-Secure grabs the destination IP which gives information about to which IP address the user is getting connected, this is referred as V_IP (Visual IP).  If an attacker web server IP address has already been found guilty the particular IP is blacklisted.  Phish-Secure check this Blacklist with the V_IP and will warn the user. On the other hand if the V_IP is not found in Blacklist further verification is done in the following step.
D. Factor 3: Layer 3’s Destination Address Verification:  Phish-Secure grabs the actual list of IP address of the provider which he tends to connect.  Phish-Secure gets the list of IP address which is referred to as actual IP [ ] and is checked with the V_IP (i.e.) the IP address to which the user is getting connected.  If these two IP address are same Phish-Secure identifies the particular site as genuine and returns a message as authenticated. On the other hand if there is a mismatch in the above verification Phish-Secure identifies the site as Phishing and warns the user.
 Phishing has becoming a serious online security threat which causes loss of sensitive data. which in turn causes loss in billions of dollars to both consumers and e-commerce companies.  In this ‘Phish-Secure’, an anti-phishing algorithm has been designed.  Phish-Secure is capable of detecting both known and unknown Phishing attacks. Phish-Secure will verify whether the user is connected to the website which he actually tends to connect.  Since this is based on the verification of the destination servers IP address the probability of Phishing attack is drastically reduced.
Phish-Secure: An Anti-Phishing Algorithm Using Image Similarity, URL and IP Verification
Phish-Secure: An Anti-Phishing Algorithm Using Image Similarity, URL and IP Verification

Recommended

Intelligent Phishing Website Detection and Prevention System by Using Link Gu...
Intelligent Phishing Website Detection and Prevention System by Using Link Gu...Intelligent Phishing Website Detection and Prevention System by Using Link Gu...
Intelligent Phishing Website Detection and Prevention System by Using Link Gu...IOSR Journals
 
Strategies to handle Phishing attacks
Strategies to handle Phishing attacksStrategies to handle Phishing attacks
Strategies to handle Phishing attacksSreejith.D. Menon
 
Phishing
PhishingPhishing
PhishingJayaseelan Vejayon
 
A Survey Paper on Identity Theft in the Internet
A Survey Paper on Identity Theft in the InternetA Survey Paper on Identity Theft in the Internet
A Survey Paper on Identity Theft in the Internetijtsrd
 
Phishing: Swiming with the sharks
Phishing: Swiming with the sharksPhishing: Swiming with the sharks
Phishing: Swiming with the sharksNalneesh Gaur
 
Phishing
PhishingPhishing
Phishingoitaoming
 
Phishing techniques
Phishing techniquesPhishing techniques
Phishing techniquesSushil Kumar
 
Ict Phishing (Present)
Ict Phishing (Present)Ict Phishing (Present)
Ict Phishing (Present)aleeya91
 

Recommended

Intelligent Phishing Website Detection and Prevention System by Using Link Gu...
Intelligent Phishing Website Detection and Prevention System by Using Link Gu...Intelligent Phishing Website Detection and Prevention System by Using Link Gu...
Intelligent Phishing Website Detection and Prevention System by Using Link Gu...IOSR Journals
 
Strategies to handle Phishing attacks
Strategies to handle Phishing attacksStrategies to handle Phishing attacks
Strategies to handle Phishing attacksSreejith.D. Menon
 
Phishing
PhishingPhishing
PhishingJayaseelan Vejayon
 
A Survey Paper on Identity Theft in the Internet
A Survey Paper on Identity Theft in the InternetA Survey Paper on Identity Theft in the Internet
A Survey Paper on Identity Theft in the Internetijtsrd
 
Phishing: Swiming with the sharks
Phishing: Swiming with the sharksPhishing: Swiming with the sharks
Phishing: Swiming with the sharksNalneesh Gaur
 
Phishing
PhishingPhishing
Phishingoitaoming
 
Phishing techniques
Phishing techniquesPhishing techniques
Phishing techniquesSushil Kumar
 
Ict Phishing (Present)
Ict Phishing (Present)Ict Phishing (Present)
Ict Phishing (Present)aleeya91
 
Improving Phishing URL Detection Using Fuzzy Association Mining
Improving Phishing URL Detection Using Fuzzy Association MiningImproving Phishing URL Detection Using Fuzzy Association Mining
Improving Phishing URL Detection Using Fuzzy Association Miningtheijes
 
Phishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingPhishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingSachin Saini
 
A Review on Antiphishing Framework
A Review on Antiphishing FrameworkA Review on Antiphishing Framework
A Review on Antiphishing FrameworkIJAEMSJORNAL
 
Phishing
PhishingPhishing
PhishingSyahida
 
IJSRED-V2I4P0
IJSRED-V2I4P0IJSRED-V2I4P0
IJSRED-V2I4P0IJSRED
 
Different Types of Phishing Attacks
Different Types of Phishing AttacksDifferent Types of Phishing Attacks
Different Types of Phishing AttacksSysCloud
 
Phishing--The Entire Story of a Dark World
Phishing--The Entire Story of a Dark WorldPhishing--The Entire Story of a Dark World
Phishing--The Entire Story of a Dark WorldAvishek Datta
 
P H I S H I N G
P H I S H I N GP H I S H I N G
P H I S H I N Gtemi
 
Phising a Threat to Network Security
Phising a Threat to Network SecurityPhising a Threat to Network Security
Phising a Threat to Network Securityanjuselina
 
Deconstructing A Phishing Scheme
Deconstructing A Phishing SchemeDeconstructing A Phishing Scheme
Deconstructing A Phishing SchemeChristopher Duffy
 
Phishing
PhishingPhishing
PhishingSyeda Javeria
 
Phishing
PhishingPhishing
PhishingKiran Patil
 
Phishing attacks, Types Of Phishing Attacks, How To Avoid Phishing Attacks
Phishing attacks, Types Of Phishing Attacks, How To Avoid Phishing Attacks Phishing attacks, Types Of Phishing Attacks, How To Avoid Phishing Attacks
Phishing attacks, Types Of Phishing Attacks, How To Avoid Phishing Attacks Er. Rahul Jain
 
Exploring And Investigating New Dimensions In Phishing
Exploring And Investigating New Dimensions In PhishingExploring And Investigating New Dimensions In Phishing
Exploring And Investigating New Dimensions In PhishingMuhammad Haroon CISM PCI QSA ISMS LA CPTS CEH
 
Phishing attack
Phishing attackPhishing attack
Phishing attackRaghav Chhabra
 
Anti phishing
Anti phishingAnti phishing
Anti phishingShethwala Ridhvesh
 
ICT-phishing
ICT-phishingICT-phishing
ICT-phishingMH BS
 
Intro phishing
Intro phishingIntro phishing
Intro phishingSayali Dayama
 
What is Phishing? Phishing Attack Explained | Edureka
What is Phishing? Phishing Attack Explained | EdurekaWhat is Phishing? Phishing Attack Explained | Edureka
What is Phishing? Phishing Attack Explained | EdurekaEdureka!
 
Phishing technology
Phishing technologyPhishing technology
Phishing technologyPreeti Papneja
 
Web spoofing (1)
Web spoofing (1)Web spoofing (1)
Web spoofing (1)Khushboo Taneja
 
Tools and methods used in cyber crime
Tools and methods used in cyber crimeTools and methods used in cyber crime
Tools and methods used in cyber crimeshubhravrat Deshpande
 

More Related Content

What's hot

Improving Phishing URL Detection Using Fuzzy Association Mining
Improving Phishing URL Detection Using Fuzzy Association MiningImproving Phishing URL Detection Using Fuzzy Association Mining
Improving Phishing URL Detection Using Fuzzy Association Miningtheijes
 
Phishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingPhishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingSachin Saini
 
A Review on Antiphishing Framework
A Review on Antiphishing FrameworkA Review on Antiphishing Framework
A Review on Antiphishing FrameworkIJAEMSJORNAL
 
Phishing
PhishingPhishing
PhishingSyahida
 
IJSRED-V2I4P0
IJSRED-V2I4P0IJSRED-V2I4P0
IJSRED-V2I4P0IJSRED
 
Different Types of Phishing Attacks
Different Types of Phishing AttacksDifferent Types of Phishing Attacks
Different Types of Phishing AttacksSysCloud
 
Phishing--The Entire Story of a Dark World
Phishing--The Entire Story of a Dark WorldPhishing--The Entire Story of a Dark World
Phishing--The Entire Story of a Dark WorldAvishek Datta
 
P H I S H I N G
P H I S H I N GP H I S H I N G
P H I S H I N Gtemi
 
Phising a Threat to Network Security
Phising a Threat to Network SecurityPhising a Threat to Network Security
Phising a Threat to Network Securityanjuselina
 
Deconstructing A Phishing Scheme
Deconstructing A Phishing SchemeDeconstructing A Phishing Scheme
Deconstructing A Phishing SchemeChristopher Duffy
 
Phishing attacks, Types Of Phishing Attacks, How To Avoid Phishing Attacks
Phishing attacks, Types Of Phishing Attacks, How To Avoid Phishing Attacks Phishing attacks, Types Of Phishing Attacks, How To Avoid Phishing Attacks
Phishing attacks, Types Of Phishing Attacks, How To Avoid Phishing Attacks Er. Rahul Jain
 
ICT-phishing
ICT-phishingICT-phishing
ICT-phishingMH BS
 
What is Phishing? Phishing Attack Explained | Edureka
What is Phishing? Phishing Attack Explained | EdurekaWhat is Phishing? Phishing Attack Explained | Edureka
What is Phishing? Phishing Attack Explained | EdurekaEdureka!
 

What's hot (20)

Improving Phishing URL Detection Using Fuzzy Association Mining
Improving Phishing URL Detection Using Fuzzy Association MiningImproving Phishing URL Detection Using Fuzzy Association Mining
Improving Phishing URL Detection Using Fuzzy Association Mining
 
Phishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingPhishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS Working
 
A Review on Antiphishing Framework
A Review on Antiphishing FrameworkA Review on Antiphishing Framework
A Review on Antiphishing Framework
 
Phishing
PhishingPhishing
Phishing
 
IJSRED-V2I4P0
IJSRED-V2I4P0IJSRED-V2I4P0
IJSRED-V2I4P0
 
Different Types of Phishing Attacks
Different Types of Phishing AttacksDifferent Types of Phishing Attacks
Different Types of Phishing Attacks
 
Phishing--The Entire Story of a Dark World
Phishing--The Entire Story of a Dark WorldPhishing--The Entire Story of a Dark World
Phishing--The Entire Story of a Dark World
 
P H I S H I N G
P H I S H I N GP H I S H I N G
P H I S H I N G
 
Phising a Threat to Network Security
Phising a Threat to Network SecurityPhising a Threat to Network Security
Phising a Threat to Network Security
 
Deconstructing A Phishing Scheme
Deconstructing A Phishing SchemeDeconstructing A Phishing Scheme
Deconstructing A Phishing Scheme
 
Phishing
PhishingPhishing
Phishing
 
Phishing
PhishingPhishing
Phishing
 
Phishing attacks, Types Of Phishing Attacks, How To Avoid Phishing Attacks
Phishing attacks, Types Of Phishing Attacks, How To Avoid Phishing Attacks Phishing attacks, Types Of Phishing Attacks, How To Avoid Phishing Attacks
Phishing attacks, Types Of Phishing Attacks, How To Avoid Phishing Attacks
 
Exploring And Investigating New Dimensions In Phishing
Exploring And Investigating New Dimensions In PhishingExploring And Investigating New Dimensions In Phishing
Exploring And Investigating New Dimensions In Phishing
 
Phishing attack
Phishing attackPhishing attack
Phishing attack
 
Anti phishing
Anti phishingAnti phishing
Anti phishing
 
ICT-phishing
ICT-phishingICT-phishing
ICT-phishing
 
Intro phishing
Intro phishingIntro phishing
Intro phishing
 
What is Phishing? Phishing Attack Explained | Edureka
What is Phishing? Phishing Attack Explained | EdurekaWhat is Phishing? Phishing Attack Explained | Edureka
What is Phishing? Phishing Attack Explained | Edureka
 
Phishing technology
Phishing technologyPhishing technology
Phishing technology
 

Similar to Phish-Secure: An Anti-Phishing Algorithm Using Image Similarity, URL and IP Verification

Tools and methods used in cyber crime
Tools and methods used in cyber crimeTools and methods used in cyber crime
Tools and methods used in cyber crimeshubhravrat Deshpande
 
need help with a term paper 8 pages Write a term paper that discusse.pdf
need help with a term paper 8 pages Write a term paper that discusse.pdfneed help with a term paper 8 pages Write a term paper that discusse.pdf
need help with a term paper 8 pages Write a term paper that discusse.pdfanjandavid
 
Study on Phishing Attacks and Antiphishing Tools
Study on Phishing Attacks and Antiphishing ToolsStudy on Phishing Attacks and Antiphishing Tools
Study on Phishing Attacks and Antiphishing ToolsIRJET Journal
 
Unauthorized access, Men in the Middle (MITM)
Unauthorized access, Men in the Middle (MITM)Unauthorized access, Men in the Middle (MITM)
Unauthorized access, Men in the Middle (MITM)Balvinder Singh
 
Phishing attack types and mitigation strategies
Phishing attack types and mitigation strategiesPhishing attack types and mitigation strategies
Phishing attack types and mitigation strategiesSarim Khawaja
 
You think you are safe online. Are You?
You think you are safe online. Are You?You think you are safe online. Are You?
You think you are safe online. Are You?TechGenie
 
The Evolution of Phising Attacks
The Evolution of Phising AttacksThe Evolution of Phising Attacks
The Evolution of Phising AttacksBee_Ware
 
Using OTP prevent Phishing attacks
Using OTP prevent Phishing attacksUsing OTP prevent Phishing attacks
Using OTP prevent Phishing attacksriteshsarode1995
 
Why are Proxy Servers Important for Cybersecurity
Why are Proxy Servers Important for CybersecurityWhy are Proxy Servers Important for Cybersecurity
Why are Proxy Servers Important for CybersecuritySysvoot Antivirus
 
Phishing: Analysis and Countermeasures
Phishing: Analysis and CountermeasuresPhishing: Analysis and Countermeasures
Phishing: Analysis and CountermeasuresIRJET Journal
 
Phishing Attack : A big Threat
Phishing Attack : A big ThreatPhishing Attack : A big Threat
Phishing Attack : A big Threatsourav newatia
 
phishing-technology-730-J1A0e1Q.pptx
phishing-technology-730-J1A0e1Q.pptxphishing-technology-730-J1A0e1Q.pptx
phishing-technology-730-J1A0e1Q.pptxMaheshDhope1
 

Similar to Phish-Secure: An Anti-Phishing Algorithm Using Image Similarity, URL and IP Verification (20)

Web spoofing (1)
Web spoofing (1)Web spoofing (1)
Web spoofing (1)
 
Tools and methods used in cyber crime
Tools and methods used in cyber crimeTools and methods used in cyber crime
Tools and methods used in cyber crime
 
need help with a term paper 8 pages Write a term paper that discusse.pdf
need help with a term paper 8 pages Write a term paper that discusse.pdfneed help with a term paper 8 pages Write a term paper that discusse.pdf
need help with a term paper 8 pages Write a term paper that discusse.pdf
 
Study on Phishing Attacks and Antiphishing Tools
Study on Phishing Attacks and Antiphishing ToolsStudy on Phishing Attacks and Antiphishing Tools
Study on Phishing Attacks and Antiphishing Tools
 
Unauthorized access, Men in the Middle (MITM)
Unauthorized access, Men in the Middle (MITM)Unauthorized access, Men in the Middle (MITM)
Unauthorized access, Men in the Middle (MITM)
 
Phishing
PhishingPhishing
Phishing
 
PPT on Phishing
PPT on PhishingPPT on Phishing
PPT on Phishing
 
Phishing attack types and mitigation strategies
Phishing attack types and mitigation strategiesPhishing attack types and mitigation strategies
Phishing attack types and mitigation strategies
 
Amazon & E Bay
Amazon & E BayAmazon & E Bay
Amazon & E Bay
 
You think you are safe online. Are You?
You think you are safe online. Are You?You think you are safe online. Are You?
You think you are safe online. Are You?
 
Web spoofing
Web spoofingWeb spoofing
Web spoofing
 
The Evolution of Phising Attacks
The Evolution of Phising AttacksThe Evolution of Phising Attacks
The Evolution of Phising Attacks
 
Pad 750 podcast
Pad 750 podcastPad 750 podcast
Pad 750 podcast
 
Hack using firefox
Hack using firefoxHack using firefox
Hack using firefox
 
Using OTP prevent Phishing attacks
Using OTP prevent Phishing attacksUsing OTP prevent Phishing attacks
Using OTP prevent Phishing attacks
 
Why are Proxy Servers Important for Cybersecurity
Why are Proxy Servers Important for CybersecurityWhy are Proxy Servers Important for Cybersecurity
Why are Proxy Servers Important for Cybersecurity
 
Phishing: Analysis and Countermeasures
Phishing: Analysis and CountermeasuresPhishing: Analysis and Countermeasures
Phishing: Analysis and Countermeasures
 
Phishing
PhishingPhishing
Phishing
 
Phishing Attack : A big Threat
Phishing Attack : A big ThreatPhishing Attack : A big Threat
Phishing Attack : A big Threat
 
phishing-technology-730-J1A0e1Q.pptx
phishing-technology-730-J1A0e1Q.pptxphishing-technology-730-J1A0e1Q.pptx
phishing-technology-730-J1A0e1Q.pptx
 

Phish-Secure: An Anti-Phishing Algorithm Using Image Similarity, URL and IP Verification

  • 2. Phishing basics • Introduction • Flow of information in phishing attak • Phishing attacks • Common procedure of phishing attack • Approaches to prevent phishing attack • Proposed system • Flow chart • Conclusion • Reference
  • 3. • What is phishing? • Why it is called phishing? • Pronounced as „Fishing‟. • The word has its Origin from two words “Password Harvesting” or fishing for Passwords • Also known as "brand spoofing“.
  • 4.  Phishing is a kind of online security attack where the attacker creates a replica of an existing web page to fool users in order to hack their personal, financial, or password data.  Phishing often directs users to enter details in a fake website who’s URL, look and feel are almost identical to the legitimate one.  The current Anti-Phishing system has failed to prevent Phishing completely.  An Anti-Phishing algorithm is proposed which is termed as “Phish-Secure”.  Phish-Secure utilize a three factor authentication system which successfully detects and prevents all Phishing attacks.
  • 5. 1. A deceptive message is sent from the Phishers to the user. 2. A user provides confidential information to a Phishing server (normally after some interaction with the server). 3. The Phishers obtains the confidential information from the server. 4. The confidential information is used to impersonate the user. 5. The Phishers obtains illicit monetary gain.
  • 6.  Phishing by URL Obfuscation  For example, the customer may follow a link to http://www.mybank.com.ch/ instead of the original link http://www.mybank.com/ .  This is a fake website for Facebook which looks like same as that of legitimate website. www.sanagustinturismo.co/Facebook/
  • 7.  Pharming  Pharming is a hacker's attack aiming to redirect a website's traffic to another bogus website.  Pharming can be conducted by either DNS Poisoning or HOSTS file Modification.  DNS poisoning  Attacker hacks into the DNS server and changes the IP address for www.targetsite.com to IP of www.targetsite1.com (Fake page).  So if the user enter the URL in address bar, the computer queries the DNS server for the IP address of www.targetsite.com  Since the DNS server has already been poisoned by the attacker, it returns the IP address of www.targetsite1.com (fake page).  The user will believe it is original website but it is phishing page.
  • 8.  HOSTS file Modification.  This method is local DNS poisoning.  The host file contains Domain Name and IP address associated with them. Your host file will be in this path:  It will change the fields of hosts so that original website will point to some other fake page.  Other types of pharming attacks involve Trojan horses, worms or other technologies that attack the browser address bar, thus redirecting you to a fraudulent website when you type in a legitimate address.
  • 9.  Man-in-the-middle Attacks  In this type of attack, the attacker situates themselves between the customer and the real web-based application, and proxies all communications between the systems.  In this the hacker must re-direct the user to his proxy server instead of the real server. This may be carried out through a  DNS Cache Poisoning  URL Obfuscation
  • 10. Phishing attacks are performed with the following steps: 1) Phishers set up a fake Web site which looks exactly like the legitimate Web site, which includes setting up the web server and create the web pages similar to the destination Website . 2) User receives the e-mail, opens it, click the spoofed hyperlink in the e-mail, and input the required information.
  • 11. There are several technical and non-technical ways to prevent Phishing attacks:  Educate users to understand how Phishing attacks work and to be alert when Phishing-alike e-mails are received.  Use technical methods to stop Phishing attackers. In this, we only focus on the technical aspect.
  • 12. Technical approaches to prevent “Phishing” attack.  Detect and block Phishing in time  Detect the Phishing Web sites in time, we can block the sites and prevent Phishing attacks.  DNS Scan  The web master of a legal web site periodically scans the root DNS for suspicious sites. (e.g. www.icci.com vs. www.icici.com)
  • 13.  Enhance the security of the web sites  The business websites can take new methods to guarantee the security of users personal information.  One method to enhance the security is to use hardware devices. For example, the Barclays bank provides a hand-held card reader to the users.  Use the biometrics characteristic (e.g. voice, fingerprint, iris, etc.) for user authentication.  Install online anti-Phishing software in user’s computers  Install anti-Phishing tools in their computers .  The anti-Phishing tools are categorized as: blacklist/White list based.
  • 14. A. Image Similarity Detection:  Image similarity detection is done which helps in finding out which page the user tends to visit, then it is checked for Phishing.  For this purpose a system captures the image of a webpage in a particular resolution in the required format. This image is termed as Visual image.  If the attacker is going to create a Phishing site he is going to use the replica of the original webpage in order to fool the users.  Phish-Secure make a comparison to find out the similarity between the visited page and the page in the database.
  • 15. Table of Sample Database Structure  The similarity is obtained in means of percentage, if the percentage of similarity (PS) is greater than 99 % then Phish-Secure concludes which website the user is tending to visit.
  • 16. B. Factor 1: URL Verification.  When the user visits any site the Phish-Secure immediately grabs the URL of the visited page. If the visited page URL is encoded Phish-Secure decodes it.  Then a comparison is made between the actual URL and the visual URL if they are same further verification is carried out. On the other hand if they are different Phish-Secure identifies the particular website as Phishing.
  • 17. C. Factor 2: Black Listing (Based On IP):  When the user visits a webpage Phish-Secure grabs the destination IP which gives information about to which IP address the user is getting connected, this is referred as V_IP (Visual IP).  If an attacker web server IP address has already been found guilty the particular IP is blacklisted.  Phish-Secure check this Blacklist with the V_IP and will warn the user. On the other hand if the V_IP is not found in Blacklist further verification is done in the following step.
  • 18. D. Factor 3: Layer 3’s Destination Address Verification:  Phish-Secure grabs the actual list of IP address of the provider which he tends to connect.  Phish-Secure gets the list of IP address which is referred to as actual IP [ ] and is checked with the V_IP (i.e.) the IP address to which the user is getting connected.  If these two IP address are same Phish-Secure identifies the particular site as genuine and returns a message as authenticated. On the other hand if there is a mismatch in the above verification Phish-Secure identifies the site as Phishing and warns the user.
  • 19.
  • 20.  Phishing has becoming a serious online security threat which causes loss of sensitive data. which in turn causes loss in billions of dollars to both consumers and e-commerce companies.  In this ‘Phish-Secure’, an anti-phishing algorithm has been designed.  Phish-Secure is capable of detecting both known and unknown Phishing attacks. Phish-Secure will verify whether the user is connected to the website which he actually tends to connect.  Since this is based on the verification of the destination servers IP address the probability of Phishing attack is drastically reduced.