IJITCS Vol. 8, No. 2, 8 Feb. 2016
Cover page and Table of Contents: PDF (size: 509KB)
Full Text (PDF, 509KB), PP.78-84
Views: 0 Downloads: 0
Web browser, Add-on, Phishing, Anti-phishing, Phishing Indicators
In the phishing attack, the user sends their confidential information on mimic websites and face the financial problem, so the user should be informed immediately about the visiting website. According to the Third Quarter Phishing Activity Trends Report, there are 55,282 new phishing websites have been detected in the month of July 2014. To solve the phishing problem, a browser based add-on system may be one of the best solution to aware the user about the website type. In this paper, a novel browser based add-on system is proposed and compared its performance with the existing anti-phishing tools. The proposed anti-phishing tool 'ePhish' is compared with the existing browser based anti-phishing toolbars. All the anti-phishing tools have been installed in computer systems at an autonomous college to check their performance. The obtained result shows that if the task is divided into a group of systems, it can give better results. For different phishing features, the add-on system tool show around 97 percentage successful results at different case conditions. The current study would be very helpful to countermeasure the phishing attach and the proposed system is able to protect the user by phishing attacks. Since the system tool is capable of handling and managing the phishing website details, so it would be helpful to identify the category of the websites.
Rajendra Gupta, Piyush Kumar Shukla, "Experimental Analysis of Browser based Novel Anti-Phishing System Tool at Educational Level", International Journal of Information Technology and Computer Science(IJITCS), Vol.8, No.2, pp.78-84, 2016. DOI:10.5815/ijitcs.2016.02.10
[1]Market Share Statistics for Internet Technologies, http://marketshare.hitslink.com/search-engine-market-share.aspx? qprid=4&qpcustomd=0, April 2014.
[2]Egelman S., Cranor L.F. and Hong J. “You've been warned: an empirical study of the effectiveness of web browser phishing warnings. In CHI '08: Proceeding of the twenty sixth annual SIGCHI conference on Human factors in computing systems New York, NY, USA, ACM, 2008, pp. 1065-1074.
[3]Jiang Hansi, Zhang Dongsong, Yan Zhijun, “A Classification Model for Detection of Chinese Phishing e-Business Websites”, PACIS Proceedings. Paper 152, 2013.
[4]Zhuang Weiwei, Jiang Qingshan, Xiong Tengke, “An Intelligent Anti-phishing Strategy Model for Phishing Website Detection”, IEEE Computer Society, 32nd International Conference on Distributed Computing Systems Workshops, 2012.
[5]Balamuralikrishna T., Raghavendrasai N., Satya Sukumar M., “Mitigating Online Fraud by Ant phishing Model with URL & Image based Webpage Matching”, International Journal of Scientific & Engineering Research Volume 3, Issue 3, March-2012, pp.1-6.
[6]Madhuri S. Arade, Bhaskar P.C., Kamat R.K., “Antiphishing Model with URL & Image based Webpage Matching”, International Conference & Workshop on Recent Trends in Technology, (TCET), Proceedings published in International Journal of Computer Applications? (IJCA), 2012, pp 18-23.
[7]Aburrous Maher, Hossain M.A., Dahal Keshav, Thabatah Fadi, “Modelling Intelligent Phishing Detection System for e-Banking using Fuzzy Data Mining”, IEEE Computer Society, International Conference on CyberWorlds, 2009, pp. 265-272.
[8]Zhuang W., Ye Y., Li T., Jiang Q. “Intelligent phishing website detection using classification ensemble Systems Engineering Theory & Practice”, Volume 31(10), 2011, P2008-2020.
[9]JungMin Kang, Lee DoHoon, “Advanced White List Approach for Preventing Access to Phishing Sites” International Conference on Convergence Information Technology (ICCIT 2007), 2007, pp.491–496.
[10]Abbasi Ahmed, Fatemeh “Mariam” Zahedi and Yan Chen, “Impact of Anti-Phishing Tool Performance on Attack Success Rates”, 10th IEEE International Conference on Intelligence and Security Informatics (ISI) Washington, D.C., USA, June 11-14, 2012.
[11]Abbasi A. and Chen H. “A Comparison of Fraud Cues and Classification Methods for Fake Escrow Website Detection,” Information Technology and Management, Vol. 10(2), 2009, pp. 83-101.
[12]Bansal G., Zahedi F.M., and Gefen D., “The Impact of Personal Dispositions on Information Sensitivity, Privacy Concern and Trust in Disclosing Health Information Online,” Decision Support Systems, Vol. 49(2), 2010, pp. 138-150.
[13]Chen Y., Zahedi F.M., and Abbasi A., “Interface Design Elements for Anti-phishing Systems,” In Proc. Intl. Conf. Design Science Research in Information Systems and Technology, 2011, pp. 253- 265.
[14]Grazioli S. and Jarvenpaa S.L., “Perils of Internet Fraud: An Empirical Investigation of Deception and Trust with Experienced Internet Consumers,” IEEE Trans. Systems, Man, and Cybernetics Part A, vol. 20(4), 2000, pp. 395-410.
[15]Martin A., Anutthamaa Na.Ba., Sathyavathy M., Marie Manjari Saint Francois, Dr. Venkatesan Prasanna, “A Framework for Predicting Phishing Websites Using Neural Networks”, IJCSI International Journal of Computer Science Issues, Vol. 8, Issue 2, March 2011, pp. 330-336.
[16]Aburrous Maher, Hossain M.A., Dahal Keshav, Thabtah Fadi, “Intelligent phishing detection system for e-banking using fuzzy data mining”, Expert Systems with Applications: An International Journal Vol. 37 Issue 12, 2010.
[17]Zhang H., Liu G., Chow T., Liu W., “Textual and Visual Content-Based Anti-Phishing: A Bayesian Approach”, IEEE Transactions on Neural Networks, 22(10), 2011, pp. 1532–1546.
[18]Herzberg A. and Jbara A. “Security and identification indicators for browsers against spoofing and phishing attacks”, ACM Transactions on Internet Technology, 8(4), 2008, pp. 1-36.
[19]Prakash P., Kumar M., Kompella R.R., and Gupta M., “Phish-Net: predictive blacklisting to detect phishing attacks,” in IEEE INFOCOM Proceedings. San Diego, California, USA: IEEE, March, 2010, pp. 1–5.
[20]Garera S., Provos N., Chew M., and Rubin A. D., “A framework for detection and measurement of phishing attacks.” Alexandria, Viriginia, USA: ACM, 2007, pp. 1–8.
[21]Dunlop Matthew, Groat Stephen, and Shelly David, “GoldPhish: Using Images for Content-Based Phishing Analysis”, The Fifth International Conference on Internet Monitoring and Protection, IEEE Computer Society, 2010, pg. 123-128.
[22]Chou N., Ledesma R., Teraguchi Y., Boneh D., and Mitchell J. “Client-side defense against web-based identity theft”. In 11th Network and Distributed System Security Symposium (NDSS), 2004
[23]Ross B., Jackson C., Miyake N., Boneh D., and Mitchell J. “Stronger Password Authentication Using Browser Extensions”, in 14th Usenix Security Symposium, 2005
[24]Microsoft. Sender ID Framework Overview (2005). http://www.microsoft.com
[25]Yahoo. Yahoo! Anti-Spam Resource Center (2006). http://antispam.yahoo.com
[26]Hara M., Yamada A., and Miyake Y., “Visual similarity-based phishing detection without victim site information.” Nashville, Tennessee, USA: IEEE, April 2009, pp. 30–36.
[27]Zhang Y., Egelman S., Cranor L., and Hong J., “Phinding phish: Evaluating Anti-Phishing tools,” in Proceedings of the 14th Annual Network & Distributed System Security Symposium, San Diego, California, USA, 2007.
[28]Zhang Y., Hong J., and Cranor L., “CANTINA: A Content-Based approach to detecting phishing web sites,” in Proceedings of the 16th international conference on Worldwide Web. Banff, Alberta, Canada: ACM, 2007, pp. 639–648.
[29]Dunlop Matthew, Groat Stephen, and Shelly David, “GoldPhish: Using Images for Content-Based Phishing Analysis”, The Fifth International Conference on Internet Monitoring and Protection, IEEE Computer Society, 2010.
[30]Masoumeh Zareapoor, Seeja K. R, “Feature Extraction or Feature Selection for Text Classification: A Case Study on Phishing Email Detection”, International Journal of Information Engineering and Electronic Business (IJIEEB), Vol. 7, No. 2, PP.60-65, March, 2015
[31]Gaurav, Mishra Madhuresh, Jain Anurag, “Anti-Phishing Techniques: A Review, International Journal of Engineering Research and Applications (IJERA), Vol. 2, Issue 2, Mar-Apr 2012, pp.350-355.
[32]Minal Chawla, Siddarth Singh Chouhan, “A Survey of Phishing Attack Techniques, International Journal of Computer Applications, Vo.l 93, No. 3, 2014 pp. 32-35.