Itrustpage: A user-assisted anti-phishing tool

EuroSys'08 - Proceedings of the EuroSys 2008 Conference

Volumn , Issue , 2008, Pages 261-272

  Ronda, Troy ^a   Saroiu, Stefan ^a   Wolman, Alec ^b  

^a UNIVERSITY OF TORONTO   (Canada)

^b MICROSOFT RESEARCH   (United States)

Author keywords

Anti phishing; Phishing

Indexed keywords

ANTI-PHISHING; AUTOMATIC DETECTIONS; EASE OF USE; FALSE NEGATIVES; FALSE POSITIVES; MOZILLA; NEW APPROACHES; PHISHING; PHISHING ATTACKS; RESEARCH COMMUNITIES; USER INPUTS; WEB FORMS; WEB PAGES;

AUTOMATION; WEBSITES; WORLD WIDE WEB;

INFORMATION DISSEMINATION;

EID: 59249089053     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1352592.1352620     Document Type: Conference Paper

References (31)

1. Anti-Phishing Working Group Website, http://www.antiphishing.org/.
2. Personal Communication, 2006. Confidential Source, Canadian Banking Sector. Toronto.
3. iTrustPage Tool, 2007. http: //www.cs.toronto.edu/~ronda/itrustpage/.
4. M. Barreno, B. Nelson, R. Sears, A. D. Joseph, and J. D. Tygar. Can Machine Learning Be Secure? In Proceedings of the ACM Symposium on Information, Computer, and Communication Security (ASIACCS), Taipei, Taiwan, March 2006.
5. S. Chiasson and P. van Oorchot. A Usability Study and Critique of Two Password Managers. In Proceedings of the USENIX Security Symposium, August, 2006.
6. CNET News.com. New tool enables sophisticated phishing scams, http://news.com.oom/New+tool+ enables+sophisticated+phishing+scams/2100-1029-3- 6149090.html.
7. R. Dhamija, J. D. Tygar, and M. Hearst. Why Phishing Works. In Proceedings of Conference on Human Factors in Computing Systems (CHI), April 2006.
8. J. S. Downs, M. B. Holbrook, and L. F. Cranor. Decision strategies and susceptibility to phishing. In Proceedings of the Symposium on Usable Privacy and Security, July 2006.
9. I. Fette, N. Sadeh, and A. Tomasic. Learning to Detect Phishing Emails. In Proceedings of the International World Wide Web Conference (WWW), Banff, Alberta, Canada, May 2007.
10. D. Florn̂cio and C. Herley. A Large-Scale Study of Web Password Habits. In Proceedings of the International World Wide Web Conference (WWW), Banff, Alberta, Canada, May 2007.
11. D. Florêncio and C. Herley. Password Rescue: A New Approach to Phishing Prevention. In Proceedings of USENIX Workshop on Hot Topics in Security, July 2006.
12. R. Franco. Better Website Identification and Extended Validation Certificates in IE7 and Other Browsers, 2005. http://blogs.msdn.com/ie/archive/ 2005/11/21/495507.aspx.
13. GeoTrust. TrustWatch Search, 2006. http://www.trustwatch.com/.
14. J. Halderman, B. Waters, and E. Felten. A convenient method for securely managing passwords. In Proceedings of the International Conference on World Wide Web, May, 2005.
15. C. Jackson, D. Boneh, and J. C. Mitchell. Stronger Password Authentication Using Virtual Machines. 2006. http://crypto.Stanford.edu/ SpyBlock/spyblock.pdf.
16. K. Jackson. DNS Gets Anti-Phishing Hook, 2006. http://www.darkreading. com/document.asp?doc-id=99089&WT.svl=news1-1.
17. T. Jagatic, N. Johnson, M. Jakobsson, and F. Menczer. Social Phishing. Communications of the ACM. Vol. 50, No. 10., October, 2007.
18. W. Liu, X. Deng, G. Huang, and A. Fu. An Antiphishing Strategy Based on Visual Similarity Assessment. IEEE Internet Computing, Vol. 10, No. 2. 58-65, March/April, 2005.
19. Microsoft. Exchange Server, 2006. http://www.microsoft.com/exchange/ default.mspx.
20. Microsoft.com. Get anti-phishing and spam filters with Outlook SP2, 2005. http://www.microsoft.com/athome/security/email/outlook-sp2-filters.mspx.
21. J. Nazario. Phishingcorpus: phishing2. http://monkey.org/-jose/phishing/ phishing2.mbox.
22. B. Parno, C. Kuo, and A. Perrig. Phoolproof Phishing Prevention. In Proceedings of Financial Cryptography and Data Security (FC), 2006.
23. B. Ross, C. Jackson, N. Miyake, D. Boneh, and J. Mitchell. Stronger Password Authentication Using Browser Extensions. In Proceedings of the Usenix Security Symposium, April, 2005.
24. B. Schneier. Two-Factor Authentication: Too Little, Too Late. Communications of the ACM. Vol. 48, No. 4., April, 2005.
25. SURBL. Surbl lists, 2006. http://www.surbl.org/lists.html.
26. Symantec. Symantec Internet Security Threat Report: Trends for July - December 06. http://eval.Symantec.com/mktginfo/enterprise/white-papers/ent- whitepaper-internet-security-threat-report-xi-03-2007.en-us.pdf.
27. M. Wu, R. Miller, and S. Garfinkel. Do Security Toolbars Actually Prevent Phishing Attacks? In Proceedings of Conference on Human Factors in Computing Systems (CHI), April 2006.
28. M. Wu, R. Miller, and G. Little. Web Wallet: Preventing Phishing Attacks by Revealing User Intentions. In Proceedings of the Symposium on Usable Privacy and Security, July 2006.
29. K. Yee and K. Sitaker. Passpet: convenient password management and phishing protection. In Proceedings of the Symposium on Usable Privacy and Security, July 2006.
30. Y. Zhang, S. Egelman, L. Cranor, and J. Hong. Phinding Phish: An Evaluation of Anti-Phishing Toolbars. In Network and Distributed System Security Symposium (NDSS), San Diego, California, USA, February 2007.
31. Y. Zhang, J. Hong, and L. Cranor. CANTINA: A Content-Based Approach to Detecting Phishing Web Sites. In Proceedings of the International World Wide Web Conference (WWW), Banff, Alberta, Canada, May 2007.