PHISHPIN: AN INTEGRATED, IDENTITY-BASED ANTI-PHISHING APPROACH

被引:0
|
作者
Tout, Hicham [1 ]
机构
[1] Nova SE Univ, Sch Comp & Informat Sci, Ft Lauderdale, FL 33314 USA
来源
SECRYPT 2009: PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON SECURITY AND CRYPTOGRAPHY | 2009年
关键词
Phishing; Spam; Information security; Identity theft; Social engineering; Encryption; Hash algorithms; One time password; Digital certificates; Online scams; Web; Pharming;
D O I
暂无
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
Phishing is a social engineering technique used to fraudulently acquire sensitive information from users by masquerading as a legitimate entity. One of the primary goals of phishing is to illegally carry fraudulent financial transactions on behalf of users. The two primary vulnerabilities exploited by phishers are: Inability of non-technical/unsophisticated users to always identify spoofed emails or Web sites; and the relative ease with which phishers masquerade as legitimate Web sites. This paper presents Phishpin, an approach that leverages the concepts of mutual authentication to require online entities to prove their identities. To this end, Phishpin builds on One-Time-Password, DNS, partial credentials sharing, & client filtering to prevent phishers from masquerading as legitimate online entities.
引用
收藏
页码:369 / 374
页数:6
相关论文
共 50 条
  • [1] Dynamic identity-based single password anti-phishing protocol
    Sood, Sandeep K.
    Sarje, Anil K.
    Singh, Kuldip
    SECURITY AND COMMUNICATION NETWORKS, 2011, 4 (04) : 418 - 427
  • [2] An Approach to the Implementation of the Anti-Phishing Tool for Phishing Websites Detection
    Alnajim, Abdullah
    Munro, Malcolm
    2009 INTERNATIONAL CONFERENCE ON INTELLIGENT NETWORKING AND COLLABORATIVE SYSTEMS (INCOS 2009), 2009, : 105 - +
  • [3] A new approach creating an anti-phishing seal
    Luca, Daniel L.
    5th RoEduNet IEEE International Conference, Proceedings, 2006, : 110 - 112
  • [4] A Honeypots Based Anti-Phishing Framework
    Chauhan, Shubhika
    Shiwani, Savita
    2014 INTERNATIONAL CONFERENCE ON CONTROL, INSTRUMENTATION, COMMUNICATION AND COMPUTATIONAL TECHNOLOGIES (ICCICCT), 2014, : 618 - 625
  • [5] An Anti-Phishing Approach that Uses Training Intervention for Phishing Websites Detection
    Alnajim, Abdullah
    Munro, Malcolm
    PROCEEDINGS OF THE 2009 SIXTH INTERNATIONAL CONFERENCE ON INFORMATION TECHNOLOGY: NEW GENERATIONS, VOLS 1-3, 2009, : 405 - 410
  • [6] A Study of Anti-phishing Strategies Based on TRIZ
    Qi, Ming
    Zou, Chang-Yi
    NSWCTC 2009: INTERNATIONAL CONFERENCE ON NETWORKS SECURITY, WIRELESS COMMUNICATIONS AND TRUSTED COMPUTING, VOL 2, PROCEEDINGS, 2009, : 536 - 538
  • [7] Textual and Visual Content-Based Anti-Phishing: A Bayesian Approach
    Zhang, Haijun
    Liu, Gang
    Chow, Tommy W. S.
    Liu, Wenyin
    IEEE TRANSACTIONS ON NEURAL NETWORKS, 2011, 22 (10): : 1532 - 1546
  • [8] An Anti-Phishing Method based on Feature Analysis
    Rajab, Majed
    2ND INTERNATIONAL CONFERENCE ON MACHINE LEARNING AND SOFT COMPUTING (ICMLSC 2018), 2015, : 133 - 139
  • [9] Classification of Anti-phishing Solutions
    Chanti S.
    Chithralekha T.
    SN Computer Science, 2020, 1 (1)
  • [10] A Secured Methodology for Anti-Phishing
    Churi, Tanvi
    Sawardekar, Pranay
    Pardeshi, Abhijeet
    Vartak, Pallavi
    2017 INTERNATIONAL CONFERENCE ON INNOVATIONS IN INFORMATION, EMBEDDED AND COMMUNICATION SYSTEMS (ICIIECS), 2017,
12345