Anti-phishing based on automated individual white-list

Proceedings of the ACM Conference on Computer and Communications Security

Volumn , Issue , 2008, Pages 51-59

  Cao, Ye ^a   Han, Weili ^a   Le, Yueran ^a  

^a FUDAN UNIVERSITY   (China)

Author keywords

Anti pharming; Anti phishing; Individual white list; Login user interface; Na ve Bayesian classifier

Indexed keywords

ANTI-PHARMING; ANTI-PHISHING; AUTOMATED TOOLS; BAYESIAN CLASSIFIER; CONFIDENTIAL INFORMATION; INDIVIDUAL WHITE-LIST; IP ADDRESSS; LOGIN USER INTERFACE; PHISHING;

AUTOMATION; BAYESIAN NETWORKS; CLASSIFIERS; ELECTRONIC DOCUMENT IDENTIFICATION SYSTEMS; INTERNET PROTOCOLS; LEARNING SYSTEMS; WORLD WIDE WEB;

USER INTERFACES;

EID: 70349255573     PISSN: 15437221     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1456424.1456434     Document Type: Conference Paper

References (33)

1. Identity Theft: What to Do if It Happens to You. http://www.anti- phishing.org/consumer-recs2.htm.
2. Y. Zhang, J. Hong and L. Cranor. CANTINA: A Content-Based Approach to Detecting Phishing Web Sites. Proceeding of International World Wide Web Conference (WWW 2007), Banff, Alberta, Canada, May 2007: 639-648.
3. Anti-Phishing Working Group. http://www.antiphishing.org/.
4. M. Jakobsson and S. Myers. Delayed Password Disclosure. Proceedings of the 2007 ACM workshop on Digital identity management, Nov. 2007: 17-26
5. I. Fette, N. Sadeh, A. Tomasic. Learning to Detect Phishing Emails. Proceeding of International World Wide Web Conference (WWW 2007), Banff, Alberta, Canada, May 2007: 649-656.
6. M. Sahami, S. Dumais, D. Heckerman, and E. Horvitz. A Bayesian approach to filtering junk email. AAAI Workshop on Learning for Text Categorization, Madison, Wisconsin, July 1998,. AAAI Technical Report WS-98-05
7. Ion Androutsopoulos, John Koutsias, Konstantinos V. Cbandrinos and Constantine D. Spyropoulos. An Experimental Comparison of Naive Bayesian and Keyword-Based Anti-Spam Filtering with Personal E-mail Messages. Proceedings of the 23rd annual international ACM SIGIR conference on Research and development in information retrieval (SIGIR 2000), Athens Greece, 2000: 160-167.
8. R. O. Duda and P.E. Hart. Bayes Decision Theory. Chapter 2 in Pattern Classification and Scene Analysis, pp. 10--43. John Wiley, 1973.
9. T. M. Mitchell. Bayesian Learning. Chapter 6 in Machine Learning, pp. 154-200. McGraw-Hill, 1997.
10. th International Conference on Machine Learning, Bari, Italy, 1996: 105-112
11. th National Conference on Artificial Intelligence, San Jose, Califomia, 1992: 223-228
12. PhishTank. http://www.phishtank.com/.
13. D. Florencio and C. Herley. A Large-Scale Study of Web Password Habits. Proceeding of International World Wide Web Conference (WWW 2007), Banff, Alberta, Canada, May, 2007: 657-665.
14. RSA Security, Protecting Against Phishing by Implementing Strong Two-Factor Authentication. 2004,https://www.rsasecurity.com/products/securid/ whitepapers/PHISH-WP-0904.pdf.
15. R. Dhamija and J. D. Tygar. The battle against phishing: Dynamic Security Skins. Proceedings of the 2005 symposium on Usable privacy and security, Pittsburgh, Pennsylvania,2005: 77-88
16. M. Wu, R. C. Miller, G. Little. Web Wallet: Preventing Phishing Attacks by Revealing User Intentions, Symposium on Usable Privacy and Security (SOUPS) 2006, July 12-14, 2006, Pittsburgh, PA, USA.
17. SpoofGuard. http://crypto.stanford.edu/SpoofGuard/.
18. NetCraft, Netcraft Anti-Phishng Toolbar. http://toolbar.netcraft.com/.
19. Google Safe Browsing for Firefox. http://www.google.com/tools/firefox/ safebrowsing
20. EarthLink Tool. http://www.earthlink.net/software/free/toolbar/.
21. GeoTrust, Inc. TrustWatch Tool. http://toolbar.trustwatch.com/tour/v3ie/ toolbar-v3ie-touroverview.html.
22. CallingID, Ltd. http://www.callingid.com/DesktopSolutions/ CallingIDToolbar.aspx.
23. eBay Toolbar's Account Guard. http://pages.ebay.com/help/confidence/ account-guard.html.
24. B. Ross, C. Jackson, N. Miyake et al. Mitchell. Stronger Password Authentication Using Browser Extensions, Proceedings of the 14th Usenix Security Symposium, 2005.
25. K. P. Yee and Kragen Sitaker. Passpet: Convenient Password Management and Phishing Protection. Symposium On Usable Privacy and Security (SOUPS) 2006, July 12-14, 2006, Pittsburgh, PA, USA.
26. D. Florencio and C. Herley. Stopping a Phishing Attack, Even when the Victims Ignore Warnings, Microsoft Research (MSR), Tech. Rep. MSR-TR-2005-142, 2005.
27. Single Sign-On. http://www.opengroup.org/security/sso/.
28. Cosign.http://www.umich.edu/̃umweb/software/cosign/overview.html
29. V. P. Deshpande, R. F. Erbacher, C. Harris. An Evaluation of Naýve Bayesian Anti-Spam Filtering Techniques. Information Assurance and Security Workshop, 2007. IAW '07. IEEE SMC 20-22 June 2007: 333 - 340
30. Y. Zhang, S. Egelman, L. Cranor and J. Hong. Phinding Phish: Evaluating Anti-Phishing Tools. In Proceedings of the 14th Annual Network & Distributed System Security Symposium (NDSS 2007), San Diego, CA, 2007
31. Microsoft Corporation. Internet Explorer 7. http://www.microsoft.com/ windows/ie/default.mspx
32. C. Karlof, J.D. Tygar, D. Wagner, et al. Dynamic Pharming Attacks and Locked Same-origin Policies for Web Browsers. ACM CCS 2007. November 2007 : 58 - 71.
33. W. Han, Y. Wang, Y. Cao, et al. Anti-Phishing by Smart Mobile Device, IFIP International Conference on Network and Parallel Computing, 2007, Dalian, China: 295-300.