SPS: A Simple Filtering Algorithm to Thwart Phishing Attacks

In this paper, we explain that by applying only a simple filtering algorithm in various proxy systems, almost all phishing attacks can be blocked without loss of convenience to the user. We propose a system based on a simple filtering algorithm which we call the Sanitizing Proxy System (SPS). The key idea of SPS is that a Web phishing attack can be neutralized by removing the part of the content that traps novice users into entering their personal information. Also, since SPS sanitizes all HTTP responses from suspicious URLs and inserts warning messages into them, novice users will realize that they are browsing phishing sites. The SPS filtering algorithm is very simple, can be described in roughly 20 steps, and can be built into any proxy system, such as a server solution, a personal firewall or a browser plug-in. By using SPS with a transparent proxy server, novice users are protected from almost all Web phishing attacks even if they misbehave. Through a deployment model, a robustness analysis and an evaluation, we discuss the feasibility of SPS in today's network operations.
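As an added illustration of the sanitizing step described above (this is not the paper's own code), the following Python filter drops the form elements that solicit user input from any HTTP response whose host is outside a deployer-maintained allowlist and inserts a warning banner at the top of the page. The allowlist policy for deciding which URLs are suspicious, the banner text and the sample page are assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumed policy: hosts the deployer trusts to collect credentials; anything else is suspicious.
TRUSTED_HOSTS = {"bank.example", "mail.example"}
# Elements that trap users into entering data; they are dropped together with their contents.
TRAP_TAGS = {"form", "input", "textarea", "select", "button"}
VOID_TAGS = {"input"}  # trap tags that never carry a closing tag
WARNING_BANNER = ('<div style="border:2px solid red;padding:8px">WARNING: this site is not '
                  "on the trusted list; the proxy removed its input forms.</div>")

def is_suspicious(url):
    """Assumed policy: any host outside the allowlist is treated as suspicious."""
    return (urlsplit(url).hostname or "").lower() not in TRUSTED_HOSTS

class Sanitizer(HTMLParser):
    """Re-emits the page, skipping trap elements and adding a banner right after <body>."""
    def __init__(self):
        super().__init__(convert_charrefs=False)
        self.out, self.depth = [], 0  # depth > 0 while inside a dropped element
    def handle_starttag(self, tag, attrs):
        if tag in TRAP_TAGS:
            if tag not in VOID_TAGS:
                self.depth += 1
            return
        if not self.depth:
            self.out.append(self.get_starttag_text())
            if tag == "body":
                self.out.append(WARNING_BANNER)
    def handle_startendtag(self, tag, attrs):
        self.handle_starttag(tag, attrs)  # <input/> and friends: no closing tag follows
    def handle_endtag(self, tag):
        if tag in TRAP_TAGS:
            if tag not in VOID_TAGS:
                self.depth = max(0, self.depth - 1)
        elif not self.depth:
            self.out.append(f"</{tag}>")
    def handle_data(self, data):
        if not self.depth: self.out.append(data)
    def handle_entityref(self, name):
        if not self.depth: self.out.append(f"&{name};")
    def handle_charref(self, name):
        if not self.depth: self.out.append(f"&#{name};")

def sanitize_response(url, body):
    """SPS core step: trusted responses pass through untouched, all others are sanitized."""
    if not is_suspicious(url):
        return body
    p = Sanitizer(); p.feed(body); p.close()
    return "".join(p.out)

# Constructed sample: a credential-harvesting page served from an untrusted host.
SAMPLE_PAGE = ("<html><body><h1>Account verification</h1>"
               '<form action="http://login.example.net/steal" method="post">User: <input name="u"> '
               'Pass: <input type="password" name="p"><button type="submit">Sign in</button></form>'
               "<p>Thank you &amp; goodbye</p></body></html>")
```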
