A forensic framework for tracing phishers

IFIP International Federation for Information Processing

Volumn 262, Issue , 2008, Pages 23-35

  Gajek, Sebastian ^a   Sadeghi, Ahmad Reza ^a  

^a RUHR UNIVERSITY BOCHUM   (Germany)

Author keywords

[No Author keywords available]

Indexed keywords

INFORMATION SCIENCE; EDUCATION;

CYBERCRIME; IDENTITY THEFT; PHISHERS; PHISHING;

COMPUTER CRIME;

EID: 45949097266     PISSN: 15715736     EISSN: None     Source Type: Book Series    
DOI: 10.1007/978-0-387-79026-8_2     Document Type: Conference Paper

References (21)

1. A. Adelsbach, S. Gajek, and J. Schwenk. Visual Spoofing of SSL Protected Web Sites and Effective Countermeasures. In Information Security Practice and Experience Conference, 2005.
2. D. Agarwal. An empirical bayes approach to detect anomalies in dynamic multidimensional arrays. In ICDM '05: Proceedings of the Fifth IEEE International Conference on Data Mining, pages 26-33. IEEE Computer Society, 2005.
3. R. Beverly. A robust classifier for passive TCP/IP fingerprinting. In Passive and Active Network Measurement, LNCS, pages 158-167, 2004.
4. D. Birk, S. Gajek, F. Gröbert, and A.-R. Sadeghi. Phishing phishers - observing and tracing organized cybercrime. In ICIMP'07: Proceedings of the Second International Conference on Internet Monitoring and Protection. IEEE Computer Society, 2007.
5. M. Chandrasekaran, R. Chinchani, and S. Upadhyaya. Phoney: Mimicking user response to detect phishing attacks. wowmom, 0:668-672, 2006.
6. T. Fawcett and F. Provost. Fraud detection. In W. Kloesgen and J. Zytkow, editors, Handbook of Knowledge Discovery and Data Mining. Oxford University Press, 2002. CeDER Working Paper #IS-99-18, Stern School of Business, New York University, NY, NY 10012.
7. D. Florencio and C. Herley. Stopping a Phishing Attack, Even when the Victims IgnoreWarnings. Technical Report MSR-TR-2005-142, Microsoft Research (MSR), 2005.
8. T. Kohno, A. Broido, and K. C. Claffy. Remote physical device fingerprintin. IEEE Trans. Dependable Sec. Comput, 2(2):93-108, 2005.
9. A. Litan. Increased Phishing and Online Attacks Cause Dip in Consumer Confidence. Gartner Study, June 2005.
10. A. Litan. Phishing Attacks Leapfrog Despite Attempts to Stop Them. Gartner Study, November 2006.
11. C. M. McRae, R. W. McGrew, and R. B. Vaughn. Honey tokens and web bugs: Developing reactive techniques for investigating phishing scams. Digital Forensic Practice, 1(3):193-199, 2006.
12. R. Molva and G. Tsudik. Authentication method with impersonal token cards. In SP'91: Proceedings of the Symposium on Research in Security and Privacy, pages 55-65, May 1991.
13. T. Moore and R. Clayton. An empirical analysis of the current state of phishing attack and defence. In Workshop on the Economics of Information Security, 2007.
14. M. Najork and A. Heydon. On high-performance web crawling. Technical report, Compaq Systems Research Center, 2001.
15. V. Paxson. An analysis of using reflectors for distributed denial-of-service attacks. SIGCOMM Comput. Commun. Rev., 31(3):38-47, 2001.
16. S. L. Scott. A bayesian paradigm for designing intrusion detection systems. Computational Statistics & Data Analysis, 45(1 :69-83, 2004.
17. M. Smart, G. R. Malan, and F. Jahanian. Defeating TCP/IP stack fingerprinting. In USENIX Security Symposium, 2000.
18. L. Spitzner. Honeytokens: The Other Honeypot, 2003. http://www.securityfocus.com/infocus/1713.
19. M. J. T. Jagatic, N. Johnson and F. Menczer. Social phishing, 2007. To appear in Communications of the ACM.
20. The Honeynet Project and Research Alliance. Know your Enemy: Phishing, Identifying remote hosts, without them knowing, 2005. http://www.honeynet.org/papers/phishing/.
21. M. Zalewski and W. Stearns. Passive os fingerprinting tool, 2006. http://lcamtuf.coredump.cx/p0f/README.