A Robust Defense Mechanism to Prevent Phishing Attack Using Parse Tree Validation

Shanmughaneethi, V.; Abraham, R Albert; Swamynathan, S.

doi:10.1007/978-3-642-29280-4_64

Cited by 1 publication

(1 citation statement)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The structural, lexical features, as well as host-based features, such as IP address and time of registration of URLs within a domain, can be used to classify legitimate sites and malicious sites [20], [25], [26], [32]. Some existing approaches are able to detect a phishing site based on its content information, such as lexical features, layout similarity with legitimate sites, and content anomaly [27], [29], [34], [40].…”

Section: Related Workmentioning

confidence: 99%

Gemini: An Emergency Line of Defense against Phishing Attacks

Wang

Jajodia

2014

2014 IEEE 33rd International Symposium on Reliable Distributed Systems

View full text Add to dashboard Cite

This paper proposes a simple but very effective approach called Gemini to prevent victim users from exposing sensitive credentials to a phishing site. As an emergency line of defense, Gemini assumes that a victim user is already deceived into a phishing site and starts the user authentication procedure. Gemini springs into action once the username field is filled in, and tackles the phishing problem from a new perspective. In particular, by exploiting username input, Gemini is able to provide more accurate detection of a phishing site and much stronger protection for a password, the most confidential and crucial information for user authentication. To validate the efficacy of Gemini, we implement different prototypes of Gemini as a browser extension for IE, Firefox, and Chrome, respectively, and conduct extensive live experiments over various legitimate and phishing websites for more than one month. Our experimental results show that Gemini can achieve zero false negative rate and less than 1% false positive rate, and Gemini can effectively block the access to a phishing site before a victim user begins to enter in a password. Moreover, Gemini is complementary to existing antiphishing tools. The performance overhead induced by Gemini is minor and has a negligible effect upon users' browsing activities.

show abstract