Two-Pronged Phish Snagging

Verma, Rakesh M.; Shashidhar, Narasimha; Hossain, Nabil

doi:10.1109/ares.2012.51

Cited by 6 publications

(5 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Their system displays high accuracy while relying on a relatively small number of classifiers. In [20] a two dimensional approach to detect phishing emails is presented. The proposed framework called PhishSnag, operates between a user's mail transfer agent (MTA) and mail user agent (MUA) and processes each arriving email for phishing attacks even before reaching the user's inbox.…”

Section: Machine Detectionmentioning

confidence: 99%

Phishing Attacks and Defenses

Chaudhry¹,

Chaudhry²,

Rittenhouse³

2016

IJSIA

View full text Add to dashboard Cite

show abstract

Section: Machine Detectionmentioning

confidence: 99%

Phishing Attacks and Defenses

Chaudhry¹,

Chaudhry²,

Rittenhouse³

2016

IJSIA

View full text Add to dashboard Cite

show abstract

“…Processing attachments in emails is also an interesting direction for the future. We have reduced our reliance on Google for link analysis [29].…”

Section: Discussionmentioning

confidence: 99%

“…An in-depth discussion of DKIM/SDID is beyond the scope of this paper and the interested reader is referred to RFC 5585 [27] for an overview of the DKIM service and SDID and to the IETF publication RFC 4408 [28] for more information on SPF. In [29], we present a more detailed treatment of headerAnalysis() and present an interesting discussion on the significance of DKIM signatures and SPF through examples.…”

Section: Header Analysismentioning

confidence: 99%

Detecting Phishing Emails the Natural Language Way

Verma

Shashidhar

Hossain

2012

Computer Security – ESORICS 2012

Self Cite

View full text Add to dashboard Cite

Phishing causes billions of dollars in damage every year and poses a serious threat to the Internet economy. Email is still the most commonly used medium to launch phishing attacks [1]. In this paper, we present a comprehensive natural language based scheme to detect phishing emails using features that are invariant and fundamentally characterize phishing. Our scheme utilizes all the information present in an email, namely, the header, the links and the text in the body. Although it is obvious that a phishing email is designed to elicit an action from the intended victim, none of the existing detection schemes use this fact to identify phishing emails. Our detection protocol is designed specifically to distinguish between "actionable" and "informational" emails. To this end, we incorporate natural language techniques in phishing detection. We also utilize contextual information, when available, to detect phishing: we study the problem of phishing detection within the contextual confines of the user's email box and demonstrate that context plays an important role in detection. To the best of our knowledge, this is the first scheme that utilizes natural language techniques and contextual information to detect phishing. We show that our scheme outperforms existing phishing detection schemes. Finally, our protocol detects phishing at the email level rather than detecting masqueraded websites. This is crucial to prevent the victim from clicking any harmful links in the email. Our implementation called PhishNet-NLP, operates between a user's mail transfer agent (MTA) and mail user agent (MUA) and processes each arriving email for phishing attacks even before reaching the inbox.

show abstract

“…First, the offender sends a communication to the target, which 62 of the definitions state. Typically, the offender sends the target an email (n = 30) or sends a message using a method that is not specified (n = 22), occasionally using other methods such as websites (Hodgson 2005;Levy 2004;Olurin et al 2012), social spaces (Piper 2007), instant messages (Ali and Rajamani 2012;Verma et al 2012), text messaging (Hinson 2010) or even letters (Workman 2008). Then, the target may reply by sending information to the offender, which is mentioned in 64 of the definitions, mostly through the use of a website (n = 40).…”

Section: Resultsmentioning

confidence: 99%

Achieving a consensual definition of phishing based on a systematic review of the literature

Lastdrager

2014

Crime Sci

View full text Add to dashboard Cite

Background: Phishing is a widely known phenomenon, but currently lacks a commonly accepted definition. As a result, many studies about phishing use their own definition. The lack of a common definition prevents knowledge accumulation and makes analysing studies or aggregating data about phishing a difficult task. Method:To develop a definition, we used existing definitions as input and combined them using crime science theories as the theoretical framework. A systematic review of the literature up to August 2013 was conducted, resulting in 2458 publications mentioning the word phishing. All journal articles, together with both highly cited and recent conference papers were selected, giving a total of 536 peer-reviewed publications (22%) to be manually reviewed. This resulted in 113 distinct definitions to be analysed.Results: An analysis identified key concepts that were found in most definitions and formed the building blocks for a consensual definition. We propose a new definition that is based upon current ones, which defines phishing in a comprehensive way and -in our opinion -addresses all important elements of phishing: 'phishing is a scalable act of deception whereby impersonation is used to obtain information from a target'. Conclusions:A consensual definition allows future research to be aligned and it facilitates the interpretation and comparison of existing research. The findings suggest that the routine activity approach can be applied to the digital world. Finally, the 'scalability' concept of our definition provides a new theoretical notion to digital crime that is independent of the employed channel.

show abstract

Two-Pronged Phish Snagging

Cited by 6 publications

References 19 publications

Phishing Attacks and Defenses

Phishing Attacks and Defenses

Detecting Phishing Emails the Natural Language Way

Achieving a consensual definition of phishing based on a systematic review of the literature

Contact Info

Product

Resources

About