Abstract (English) |
Phishing, a malicious behavior that steals Internet users’ sensitive information, is a critical threat on the Internet. In general, attackers prepare a forged web page and then send a large number of spoofed e-mails in order to trick more victims. Therefore, the approaches to defending against phishing attacks can generally be classified into two categories: filters for e-mail and filters for web pages. However, none of the solutions are foolproof.
In this paper, we propose a novel scheme that collects phishing URL information and mounts a counterattack against those phishing web sites, so that they are no longer able to attack other networks. We describe the design on routers. The goal is to inject a great deal of fake data into the database that phishers use to collect victims’ data. This research presents a proactive defense mechanism; we protect users even if they have been tricked into leaking their private information to phishers.