PHONEY: Mimicking User Response to Detect Phishing Attacks

Chandrasekaran, M.; Chinchani, Ramkumar; Upadhyaya, Shambhu

doi:10.1109/wowmom.2006.87

Cited by 57 publications

(36 citation statements)

References 1 publication

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Abdullah Alnajim et.al. [15] has proposed an approach to the Implementation of the Anti-Phishing tool for Phishing Websites Detection to the implementation of the Anti-Phishing that uses Training Intervention for Phishing Websites Detection (APTIPWD), which also shows that the APTIPWD is feasible and can be implemented within any proxy-based network easily without writing a single line of a programming code and without undue disruption of the users system [16][17][18][19].…”

Section: Previous Research Study On Phishing a Novelmentioning

confidence: 99%

Performance Analysis of Anti-Phishing Tools and Study of Classification Data Mining Algorithms for a Novel Anti-Phishing System

Gupta¹,

Shukla²

2015

IJCNIS

View full text Add to dashboard Cite

Abstract-The term Phishing is a kind of spoofing website which is used for stealing sensitive and important information of the web user such as online banking passwords, credit card information and user's password etc. In the phishing attack, the attacker generates the warning message to the user about the security issues, ask for confidential information through phishing emails, ask to update the user's account information etc. Several experimental design considerations have been proposed earlier to countermeasure the phishing attack. The earlier systems are not giving more than 90 percentage successful results. In some cases, the system tool gives only 50-60 percentage successful result. In this paper, a novel algorithm is developed to check the performance of the anti-phishing system and compared the received data set with the data set of existing anti-phishing tools. The performance evaluation of novel anti-phishing system is studied with four different classification data mining algorithms which are Class Imbalance Problem (CIP), Rule based Classifier (Sequential Covering Algorithm (SCA)), Nearest Neighbour Classification (NNC), Bayesian Classifier (BC) on the data set of phishing and legitimate websites. The proposed system shows less error rate and better performance as compared to other existing system tools.

show abstract

Section: Previous Research Study On Phishing a Novelmentioning

confidence: 99%

Performance Analysis of Anti-Phishing Tools and Study of Classification Data Mining Algorithms for a Novel Anti-Phishing System

Gupta¹,

Shukla²

2015

IJCNIS

View full text Add to dashboard Cite

show abstract

“…Pandey and Ravi [5] present phishing detection based on text and data mining. Chandrasekaran et al [6] mimicked user responses to detect phishing. Their work places the response before detection to provide the adversary with fake responses.…”

Section: Related Workmentioning

confidence: 99%

“…The phishing campaigns detected earlier are used and the phishers are provided with fake responses to their phishing attempts. Inspired by the related work [6], [8], we propose an automatic response to phishing messages from a honeypot e-mail addresses so that they appear active and vulnerable to phishing. The phisher will add the responding addresses to the recipient list and include them in the next phishing campaign.…”

Section: Attracting Phishersmentioning

confidence: 99%

PhiGARo: Automatic Phishing Detection and Incident Response Framework

Husák

Čegan

2014

2014 Ninth International Conference on Availability, Reliability and Security

View full text Add to dashboard Cite

Abstract-We present a comprehensive framework for automatic phishing incident processing and work in progress concerning automatic phishing detection and reporting. Our work is based upon the automatic phishing incident processing tool PhiGARo which locates users responding to phishing attack attempts and prevents access to phishing sites from the protected network. Although PhiGARo processes the phishing incidents automatically, it depends on reports of phishing incidents from users. We propose a framework which introduces honeypots into the process in order to eliminate the reliance on user input. The honeypots are used to capture e-mails, automatically detect messages containing phishing and immediately transfer them to PhiGARo. There is a need to propagate e-mail addresses of a honeypot to attract phishers. We discuss approaches to the honeypot e-mail propagation and propose a further enhancement to using honeypots in response to phishing incidents. We propose providing phishers with false credentials, accounts and documents that will grant them access to other honeypot services. Tracing these honeytokens may lead us to the originators of the phishing attacks and help investigations into phishing incidents.

show abstract

“…PHONEY is a phishing email detection system that tries to detect phishing emails by mimicking user responses and providing fake information to suspicious web sites that request critical information. The web sites' responses are forwarded to the decision engine for further analysis [4].…”

Section: Technology Countermeasuresmentioning

confidence: 99%

Defending the weakest link: phishing websites detection by analysing user behaviours

2010

View full text Add to dashboard Cite

Phishing detection systems are principally based on the analysis of data moving from phishers to victims. In this paper we describe a novel approach for detecting phishing websites based on analysis of users' online behavioursi.e., the websites users have visited, and the data users have submitted to those websites. Such user behaviours can not be manipulated freely by attackers; detection based on those data can achieve high accuracy whilst being fundamentally resilient against changing deception methods.

show abstract

PHONEY: Mimicking User Response to Detect Phishing Attacks

Cited by 57 publications

References 1 publication

Performance Analysis of Anti-Phishing Tools and Study of Classification Data Mining Algorithms for a Novel Anti-Phishing System

Performance Analysis of Anti-Phishing Tools and Study of Classification Data Mining Algorithms for a Novel Anti-Phishing System

PhiGARo: Automatic Phishing Detection and Incident Response Framework

Defending the weakest link: phishing websites detection by analysing user behaviours

Contact Info

Product

Resources

About