论文信息 - An Intrusion Detection System for Detecting Phishing Attacks

An Intrusion Detection System for Detecting Phishing Attacks

In this paper we present a hybrid system to protect private data from phishing attacks. Our solution uses intrusion detection methods to identify potential phishing emails then relies on web crawlers to validate or reject this suspicion. We also use external information coming through RDF Site Summaries (RSS) alerts about potential phishing sites. Our two-layered phishing detection system reside on the server of the organization, thus it is not vulnerable to blocking attacks targeting web browsers.

Duminda Wijesekera | Csilla Farkas | Hasika Pamunuwa

[1] Wei-Ying Ma,et al. Detecting web page structure for adaptive viewing on small form factor devices , 2003, WWW '03.

[2] Niels Provos,et al. A Virtual Honeypot Framework , 2004, USENIX Security Symposium.

[3] John C. Mitchell,et al. Client-Side Defense Against Web-Based Identity Theft , 2004, NDSS.

[4] Olivier Bonaventure,et al. The HoneyTank: a scalable approach to collect malicious internet traffic , 2008, Int. J. Crit. Infrastructures.

[5] Norman M. Sadeh,et al. Learning to detect phishing emails , 2007, WWW '07.

[6] Lorrie Faith Cranor,et al. Cantina: a content-based approach to detecting phishing web sites , 2007, WWW '07.

[7] Xiaotie Deng,et al. Detection of phishing webpages based on visual similarity , 2005, WWW '05.