Proceedings Article

Analysis and Prevention of Phishing Attacks in Cyber Space

TL;DR: This paper mainly deals with the analysis of phishing attacks in the cyberspace and any malicious content that is associated with the web, and is carried out within the browser.
Abstract: Nowadays the internet has become a very unsafe space to deal with. Hackers are constantly trying to gain the user’s personal information, and detailed credentials. So many websites on the internet, even though safe, this safety cannot be assured by all websites. These rule breakers avoid abiding by rules, and try to employ methods like trickery and hacking to gain illegal access to private information. To be able to overcome this problem, we need to first understand the intricacies of how the virus is designed. This paper mainly deals with the analysis of phishing attacks in the cyberspace and any malicious content that is associated with the web, and is carried out within the browser. The files which are downloaded with virus, and involve third party applications from the PC, cannot be checked for virus. For instance, if there is a word file that is downloaded to the PC, it uses apps outside the web in the VM, and hence cannot be controlled by the VM.
Citations
Journal Article
TL;DR: This work proposes using a trusted device to perform mutual authentication that eliminates reliance on perfect user behavior, thwarts Man-in-the-Middle attacks after setup, and protects a user's account even in the presence of keyloggers and most forms of spyware.
Abstract: Phishing, or web spoofing, is a growing problem: the Anti-Phishing Working Group (APWG) received almost 14,000 unique phishing reports in August 2005, a 56% jump over the number of reports in December 2004 [3]. For financial institutions, phishing is a particularly insidious problem, since trust forms the foundation for customer relationships, and phishing attacks undermine confidence in an institution. Phishing attacks succeed by exploiting a user's inability to distinguish legitimate sites from spoofed sites. Most prior research focuses on assisting the user in making this distinction; however, users must make the right security decision every time. Unfortunately, humans are ill-suited for performing the security checks necessary for secure site identification, and a single mistake may result in a total compromise of the user's online account. Fundamentally, users should be authenticated using information that they cannot readily reveal to malicious parties. Placing less reliance on the user during the authentication process will enhance security and eliminate many forms of fraud. We propose using a trusted device to perform mutual authentication that eliminates reliance on perfect user behavior, thwarts Man-in-the-Middle attacks after setup, and protects a user's account even in the presence of keyloggers and most forms of spyware. We demonstrate the practicality of our system with a prototype implementation.

191 citations

Journal Article
TL;DR: In this article, the authors proposed a method to solve the problem of homonymity in homonym identification, i.e., homonymization, in the context of homology.
Journal Article
TL;DR: In this paper, the authors provide a cyclical framework to carry out effective cybersecurity threat hunting and compare the same with the existing security operations prevalent in the organizations. But, this research paper considers organizations in the IT sector or banking sector mainly which become the victims of cyber-attacks easily.
Abstract: In the past few years, cyber-attacks have been increasing in terms of volume, quality as well as attack methodologies. Organizations ranging from government agencies, financial institutions, corporate sectors have started setting up their own or outsourced security operation centers in order to maintain the CIA (Confidentiality, Integrity, and Availability) triad of the organization. Organizations have realized that having IT security or SOC is not enough to protect their network as new methods of breaching network security and new vulnerabilities come into existence. Here lies the importance of the organizations to focus on effective cybersecurity threat hunting, which will assist the organizations in predicting, detecting, isolating unknown advanced persistent threats that otherwise manage to evade existing security operations and monitoring systems. However, organizations are often oblivious about vulnerabilities present in the processes involved until those are exploited, causing harm to the organization, which depicts the concept of a zero-day vulnerability. The objective of this paper is to provide a cyclical framework to carry out effectively cybersecurity threat hunting and compares the same with the existing security operations prevalent in the organizations. The important parameters for active threat hunting include application of the right tools, training of employees, analytics, visibility, and intelligence, which are required to detect and investigate advanced cyber threats. However, this research paper considers organizations in the IT sector or banking sector mainly which become the victims of cyber-attacks easily.
References
Proceedings Article
22 Apr 2006
TL;DR: This paper provides the first empirical evidence about which malicious strategies are successful at deceiving general users by analyzing a large set of captured phishing attacks and developing a set of hypotheses about why these strategies might work.
Abstract: To build systems shielding users from fraudulent (or phishing) websites, designers need to know which attack strategies work and why. This paper provides the first empirical evidence about which malicious strategies are successful at deceiving general users. We first analyzed a large set of captured phishing attacks and developed a set of hypotheses about why these strategies might work. We then assessed these hypotheses with a usability study in which 22 participants were shown 20 web sites and asked to determine which ones were fraudulent. We found that 23% of the participants did not look at browser-based cues such as the address bar, status bar and the security indicators, leading to incorrect choices 40% of the time. We also found that some visual deception attacks can fool even the most sophisticated users. These results illustrate that standard security indicators are not effective for a substantial fraction of users, and suggest that alternative approaches are needed.

1,368 citations

Journal Article
TL;DR: Sometimes a "friendly" email message tempts recipients to reveal more online than they otherwise would, playing right into the sender's hand.
Abstract: Sometimes a "friendly" email message tempts recipients to reveal more online than they otherwise would, playing right into the sender's hand.

995 citations

Proceedings Article
08 May 2007
TL;DR: This method is applicable, with slight modification, to detection of phishing websites, or the emails used to direct victims to these sites, and correctly identify over 96% of the phishing emails while only mis-classifying on the order of 0.1% of the legitimate emails.
Abstract: Each month, more attacks are launched with the aim of making web users believe that they are communicating with a trusted entity for the purpose of stealing account information, logon credentials, and identity information in general. This attack method, commonly known as "phishing," is most commonly initiated by sending out emails with links to spoofed websites that harvest information. We present a method for detecting these attacks, which in its most general form is an application of machine learning on a feature set designed to highlight user-targeted deception in electronic communication. This method is applicable, with slight modification, to detection of phishing websites, or the emails used to direct victims to these sites. We evaluate this method on a set of approximately 860 such phishing emails, and 6950 non-phishing emails, and correctly identify over 96% of the phishing emails while only mis-classifying on the order of 0.1% of the legitimate emails. We conclude with thoughts on the future for such techniques to specifically identify deception, specifically with respect to the evolutionary nature of the attacks and information available.

641 citations

Proceedings Article
06 Jul 2005
TL;DR: A new scheme is proposed, Dynamic Security Skins, that allows a remote web server to prove its identity in a way that is easy for a human user to verify and hard for an attacker to spoof.
Abstract: Phishing is a model problem for illustrating usability concerns of privacy and security because both system designers and attackers battle using user interfaces to guide (or misguide) users. We propose a new scheme, Dynamic Security Skins, that allows a remote web server to prove its identity in a way that is easy for a human user to verify and hard for an attacker to spoof. We describe the design of an extension to the Mozilla Firefox browser that implements this scheme. We present two novel interaction techniques to prevent spoofing. First, our browser extension provides a trusted window in the browser dedicated to username and password entry. We use a photographic image to create a trusted path between the user and this window to prevent spoofing of the window and of the text entry fields. Second, our scheme allows the remote server to generate a unique abstract image for each user and each transaction. This image creates a "skin" that automatically customizes the browser window or the user interface elements in the content of a remote web page. Our extension allows the user's browser to independently compute the image that it expects to receive from the server. To authenticate content from the server, the user can visually verify that the images match. We contrast our work with existing anti-phishing proposals. In contrast to other proposals, our scheme places a very low burden on the user in terms of effort, memory and time. To authenticate himself, the user has to recognize only one image and remember one low entropy password, no matter how many servers he wishes to interact with. To authenticate content from an authenticated server, the user only needs to perform one visual matching operation to compare two images. Furthermore, it places a high burden of effort on an attacker to spoof customized security indicators.

578 citations

Proceedings Article
01 Jan 2004
TL;DR: A framework for client-side defense is proposed: a browser plug-in that examines web pages and warns the user when requests for data may be part of a spoof attack.
Abstract: Web spoofing is a significant problem involving fraudulent email and web sites that trick unsuspecting users into revealing private information. We discuss some aspects of common attacks and propose a framework for client-side defense: a browser plug-in that examines web pages and warns the user when requests for data may be part of a spoof attack. While the plugin, SpoofGuard, has been tested using actual sites obtained through government agencies concerned about the problem, we expect that web spoofing and other forms of identity theft will be continuing problems in

487 citations


"Analysis and Prevention of Phishing..." refers background or methods in this paper

  • ...SpoofGuard [5] is another such plugin which offers a symptom based solution which searches for traits in websites like similar domain names and masked links....


  • ...Two browser-based client-side solutions are proposed by Stanford University for the detection and avoidance of phishing attacks [5] [7]....


  • ...[2] [3], while other techniques decrement fraud websites [4], while some checks the genuineness of web pages that a user visits [5]....


Trending Questions (2)
How to overcome cyber attacks due to phishing?

The paper discusses the analysis of phishing attacks and proposes a virtual container-based web browser to isolate visited websites and safeguard the internal computer system. It does not provide specific countermeasures for overcoming phishing attacks.

How to overcome cyber attacks due phishing?

The paper discusses the analysis of phishing attacks and proposes a virtual container-based web browser to isolate visited websites and safeguard the internal computer system. It also emphasizes the importance of user education for security awareness.