SlideShare uma empresa Scribd logo

Towards detecting phishing web pages

Shuvradeb Barman Srijon
Shuvradeb Barman Srijon
TecnologiaNegócios
1 de 15
 Cyber Crime- the major concern.  Internet frauds affect the rapidly growing online services.  E-commerce is the main target.  Social communication sites and mail service are also victim of them.  Phishing is an alarming threat.  Technical steps needed to defend them. 2
PROBLEM STATEMENT  Phishing attacks succeed if users fail to detect phishing sites.  Previous anti-phishing falls into four categories:  Study on phishing  Training people  User interface  Detection tools  Previous works deals with limited service.  Our approach- Development of an automated phishing detection method. 3
PHISHING?  A criminal trick of stealing sensitive personal information.  Fooled user and push them to fall in the trick.  Use social engineering and technical strategy.  Mainly, duplicate original web-pages.  First describe in 1987. 4
ATTRIBUTES OF PHISHING  Similar appearance of web-page.  IP based URL & Non Matching URL.  URL contain abnormal characters.  Misspelled URL.  Using script or add-in to web browser to cover the address bar. 5
PHISHING STATS  According to APWG  According to PhishTank Phishes Verified as Valid Suspected Phishes Submitted Total 531086 Total 928206 Online 2770 Online 3021 Offline 528316 Offline 925174 Total phishing attack. (Up to 6th April 2010) 6
ANTI-PHISHING  Social response  Educating people.  Changing habit.  Technical support  Identify phishing site.  Implementation of secure model.  Browser alert.  Eliminating phishing mails.  Monitoring and Takedown. 7
METHODOLOGY Step 1: Checking with database 8 ? ?
METHODOLOGY Step 2: Checking abnormal conditions 9 ? ? ?
METHODOLOGY Step 2: Search for new Phishing 10 ? ? ?? ?
RESULTS 11
EXPERIMENTAL ANALYSIS Approach Accuracy Time (second) IP based URL 100% 17 Exists in phishing database 97% 59 Matching source content 81% 134 Abnormal condition 79% 51 12
DISCUSSION  Our approach reduces the ability of attackers to automate their attacks, cutting into their profitability.  By using the minimal knowledge base provided by the user-selected web-page, our system is able to compare potential phishing sites with real sites.  Performance and accuracy can be improved by using an image segmentation algorithm.  Flash contents can’t be validated whether phishing threat or not in our system. 13
REFERENCES  Anti-Phishing Working Group (APWG). http://www.antiphishing.org/ . April 7 2010.  PhishTank. http://www.phishtank.com/. April 6 2010.  Y. Zhang, J. Hong, and L. Cranor. Cantina: A content-based approach to detecting phishing web sites. 16th international conference on World Wide Web in 2007.  Felix, Jerry and Hauck, Chris (September 1987). "System Security: A Hacker's Perspective". 1987 Interex Proceedings 1: 6. 14
THANK YOU 15

Recomendados

Phishing detection & protection scheme
Phishing detection & protection schemePhishing detection & protection scheme
Phishing detection & protection scheme
Mussavir Shaikh
 
PHISHING DETECTION
PHISHING DETECTIONPHISHING DETECTION
PHISHING DETECTION
umme ayesha
 
36.44.final
36.44.final36.44.final
36.44.final
meraz rizel
 
thesis 36 44 Final
thesis 36 44 Finalthesis 36 44 Final
thesis 36 44 Final
meraz rizel
 
10 Steps to Creating a Corporate Phishing Awareness Program
10 Steps to Creating a Corporate Phishing Awareness Program10 Steps to Creating a Corporate Phishing Awareness Program
10 Steps to Creating a Corporate Phishing Awareness Program
Wiley
 
36 44 Final
36 44 Final36 44 Final
36 44 Final
meraz rizel
 
Teaching Your Staff About Phishing
Teaching Your Staff About PhishingTeaching Your Staff About Phishing
Teaching Your Staff About Phishing
Legal Services National Technology Assistance Project (LSNTAP)
 
NASA Cyber Security Webinar: Phishing Detection Strategies
NASA Cyber Security Webinar: Phishing Detection StrategiesNASA Cyber Security Webinar: Phishing Detection Strategies
NASA Cyber Security Webinar: Phishing Detection Strategies
Paubox, Inc.
 

Recomendados

Phishing detection & protection scheme
Phishing detection & protection schemePhishing detection & protection scheme
Phishing detection & protection scheme
Mussavir Shaikh
 
PHISHING DETECTION
PHISHING DETECTIONPHISHING DETECTION
PHISHING DETECTION
umme ayesha
 
36.44.final
36.44.final36.44.final
36.44.final
meraz rizel
 
thesis 36 44 Final
thesis 36 44 Finalthesis 36 44 Final
thesis 36 44 Final
meraz rizel
 
10 Steps to Creating a Corporate Phishing Awareness Program
10 Steps to Creating a Corporate Phishing Awareness Program10 Steps to Creating a Corporate Phishing Awareness Program
10 Steps to Creating a Corporate Phishing Awareness Program
Wiley
 
36 44 Final
36 44 Final36 44 Final
36 44 Final
meraz rizel
 
Teaching Your Staff About Phishing
Teaching Your Staff About PhishingTeaching Your Staff About Phishing
Teaching Your Staff About Phishing
Legal Services National Technology Assistance Project (LSNTAP)
 
NASA Cyber Security Webinar: Phishing Detection Strategies
NASA Cyber Security Webinar: Phishing Detection StrategiesNASA Cyber Security Webinar: Phishing Detection Strategies
NASA Cyber Security Webinar: Phishing Detection Strategies
Paubox, Inc.
 
Phishing ppt
Phishing pptPhishing ppt
Phishing ppt
shindept123
 
Phishing ppt
Phishing pptPhishing ppt
Phishing ppt
Sanjay Kumar
 
Phishing awareness
Phishing awarenessPhishing awareness
Phishing awareness
PhishingBox
 
Email phishing and countermeasures
Email phishing and countermeasuresEmail phishing and countermeasures
Email phishing and countermeasures
Jorge Sebastiao
 
Phishing Attacks
Phishing AttacksPhishing Attacks
Phishing Attacks
Jagan Mohan
 
Phishing
PhishingPhishing
Phishing
SaurabhKantSahu1
 
Different Types of Phishing Attacks
Different Types of Phishing AttacksDifferent Types of Phishing Attacks
Different Types of Phishing Attacks
SysCloud
 
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScanHow to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
ControlScan, Inc.
 
Ransomware
RansomwareRansomware
Ransomware
DeepakKumar4980
 
Phishing ppt
Phishing pptPhishing ppt
Phishing ppt
shindept123
 
PHISHING PROTECTION
PHISHING PROTECTION PHISHING PROTECTION
PHISHING PROTECTION
KaterynaPetrova4
 
Phishing Technology
Phishing TechnologyPhishing Technology
Phishing Technology
AvishekMondal15
 
Phishing Presentation
Phishing Presentation Phishing Presentation
Phishing Presentation
Nikolaos Georgitsopoulos
 
PPT on Phishing
PPT on PhishingPPT on Phishing
PPT on Phishing
Pankaj Yadav
 
Phishing
PhishingPhishing
Phishing
North Carolina State University
 
Phishing and hacking
Phishing and hackingPhishing and hacking
Phishing and hacking
Md. Mehadi Hassan Bappy
 
Phishing - A modern web attack
Phishing - A modern web attackPhishing - A modern web attack
Phishing - A modern web attack
Karthik
 
Phishing
PhishingPhishing
Phishing
anjalika sinha
 
PhishingBox Presents 'What is Phishing' 2017
PhishingBox Presents 'What is Phishing' 2017PhishingBox Presents 'What is Phishing' 2017
PhishingBox Presents 'What is Phishing' 2017
Ryan Hardesty
 
Phishing & Pharming
Phishing & PharmingPhishing & Pharming
Phishing & Pharming
Devendra Yadav
 
IEEE 1599 Music Encoding and Interaction
IEEE 1599 Music Encoding and InteractionIEEE 1599 Music Encoding and Interaction
IEEE 1599 Music Encoding and Interaction
Shuvradeb Barman Srijon
 
Introduction to Hybrid SLI Technology
Introduction to Hybrid SLI TechnologyIntroduction to Hybrid SLI Technology
Introduction to Hybrid SLI Technology
Shuvradeb Barman Srijon
 

Mais conteúdo relacionado

Mais procurados

Mais procurados (20)

Phishing ppt
Phishing pptPhishing ppt
Phishing ppt
 
Phishing ppt
Phishing pptPhishing ppt
Phishing ppt
 
Phishing awareness
Phishing awarenessPhishing awareness
Phishing awareness
 
Email phishing and countermeasures
Email phishing and countermeasuresEmail phishing and countermeasures
Email phishing and countermeasures
 
Phishing Attacks
Phishing AttacksPhishing Attacks
Phishing Attacks
 
Phishing
PhishingPhishing
Phishing
 
Different Types of Phishing Attacks
Different Types of Phishing AttacksDifferent Types of Phishing Attacks
Different Types of Phishing Attacks
 
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScanHow to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
 
Ransomware
RansomwareRansomware
Ransomware
 
Phishing ppt
Phishing pptPhishing ppt
Phishing ppt
 
PHISHING PROTECTION
PHISHING PROTECTION PHISHING PROTECTION
PHISHING PROTECTION
 
Phishing Technology
Phishing TechnologyPhishing Technology
Phishing Technology
 
Phishing Presentation
Phishing Presentation Phishing Presentation
Phishing Presentation
 
PPT on Phishing
PPT on PhishingPPT on Phishing
PPT on Phishing
 
Phishing
PhishingPhishing
Phishing
 
Phishing and hacking
Phishing and hackingPhishing and hacking
Phishing and hacking
 
Phishing - A modern web attack
Phishing - A modern web attackPhishing - A modern web attack
Phishing - A modern web attack
 
Phishing
PhishingPhishing
Phishing
 
PhishingBox Presents 'What is Phishing' 2017
PhishingBox Presents 'What is Phishing' 2017PhishingBox Presents 'What is Phishing' 2017
PhishingBox Presents 'What is Phishing' 2017
 
Phishing & Pharming
Phishing & PharmingPhishing & Pharming
Phishing & Pharming
 

Destaque

Study: The Future of VR, AR and Self-Driving Cars
Study: The Future of VR, AR and Self-Driving CarsStudy: The Future of VR, AR and Self-Driving Cars
Study: The Future of VR, AR and Self-Driving Cars
LinkedIn
 

Destaque (6)

IEEE 1599 Music Encoding and Interaction
IEEE 1599 Music Encoding and InteractionIEEE 1599 Music Encoding and Interaction
IEEE 1599 Music Encoding and Interaction
 
Introduction to Hybrid SLI Technology
Introduction to Hybrid SLI TechnologyIntroduction to Hybrid SLI Technology
Introduction to Hybrid SLI Technology
 
Cheatsheet of msdos
Cheatsheet of msdosCheatsheet of msdos
Cheatsheet of msdos
 
Italian vowel triangle with IPA
Italian vowel triangle with IPAItalian vowel triangle with IPA
Italian vowel triangle with IPA
 
Hype vs. Reality: The AI Explainer
Hype vs. Reality: The AI ExplainerHype vs. Reality: The AI Explainer
Hype vs. Reality: The AI Explainer
 
Study: The Future of VR, AR and Self-Driving Cars
Study: The Future of VR, AR and Self-Driving CarsStudy: The Future of VR, AR and Self-Driving Cars
Study: The Future of VR, AR and Self-Driving Cars
 

Semelhante a Towards detecting phishing web pages

Artificial intelligence presentation slides.pptx
Artificial intelligence presentation slides.pptxArtificial intelligence presentation slides.pptx
Artificial intelligence presentation slides.pptx
rakhicse
 
[IJET V2I5P15] Authors: V.Preethi, G.Velmayil
[IJET V2I5P15] Authors: V.Preethi, G.Velmayil[IJET V2I5P15] Authors: V.Preethi, G.Velmayil
[IJET V2I5P15] Authors: V.Preethi, G.Velmayil
IJET - International Journal of Engineering and Techniques
 
PHISHING URL DETECTION USING LSTM BASED ENSEMBLE LEARNING APPROACHES
PHISHING URL DETECTION USING LSTM BASED ENSEMBLE LEARNING APPROACHESPHISHING URL DETECTION USING LSTM BASED ENSEMBLE LEARNING APPROACHES
PHISHING URL DETECTION USING LSTM BASED ENSEMBLE LEARNING APPROACHES
IJCNCJournal
 
Phishing URL Detection using LSTM Based Ensemble Learning Approaches
Phishing URL Detection using LSTM Based Ensemble Learning ApproachesPhishing URL Detection using LSTM Based Ensemble Learning Approaches
Phishing URL Detection using LSTM Based Ensemble Learning Approaches
IJCNCJournal
 
A Novel Approach for Phishing Emails Real Time Classification Using K-Means A...
A Novel Approach for Phishing Emails Real Time Classification Using K-Means A...A Novel Approach for Phishing Emails Real Time Classification Using K-Means A...
A Novel Approach for Phishing Emails Real Time Classification Using K-Means A...
IJECEIAES
 
Malicious-URL Detection using Logistic Regression Technique
Malicious-URL Detection using Logistic Regression TechniqueMalicious-URL Detection using Logistic Regression Technique
Malicious-URL Detection using Logistic Regression Technique
Dr. Amarjeet Singh
 
PHISHING DETECTION IN IMS USING DOMAIN ONTOLOGY AND CBA – AN INNOVATIVE RULE ...
PHISHING DETECTION IN IMS USING DOMAIN ONTOLOGY AND CBA – AN INNOVATIVE RULE ...PHISHING DETECTION IN IMS USING DOMAIN ONTOLOGY AND CBA – AN INNOVATIVE RULE ...
PHISHING DETECTION IN IMS USING DOMAIN ONTOLOGY AND CBA – AN INNOVATIVE RULE ...
ijistjournal
 
Phishing detection in ims using domain ontology and cba an innovative rule ...
Phishing detection in ims using domain ontology and cba an innovative rule ...Phishing detection in ims using domain ontology and cba an innovative rule ...
Phishing detection in ims using domain ontology and cba an innovative rule ...
ijistjournal
 

Semelhante a Towards detecting phishing web pages (20)

Major Prc.pptx
Major Prc.pptxMajor Prc.pptx
Major Prc.pptx
 
Phishing Website Detection using Classification Algorithms
Phishing Website Detection using Classification AlgorithmsPhishing Website Detection using Classification Algorithms
Phishing Website Detection using Classification Algorithms
 
Artificial intelligence presentation slides.pptx
Artificial intelligence presentation slides.pptxArtificial intelligence presentation slides.pptx
Artificial intelligence presentation slides.pptx
 
Iy2515891593
Iy2515891593Iy2515891593
Iy2515891593
 
Iy2515891593
Iy2515891593Iy2515891593
Iy2515891593
 
Literature Review.docx
Literature Review.docxLiterature Review.docx
Literature Review.docx
 
IRJET - Chrome Extension for Detecting Phishing Websites
IRJET - Chrome Extension for Detecting Phishing WebsitesIRJET - Chrome Extension for Detecting Phishing Websites
IRJET - Chrome Extension for Detecting Phishing Websites
 
phishing in computer science engineering.pptx
phishing in computer science engineering.pptxphishing in computer science engineering.pptx
phishing in computer science engineering.pptx
 
[IJET V2I5P15] Authors: V.Preethi, G.Velmayil
[IJET V2I5P15] Authors: V.Preethi, G.Velmayil[IJET V2I5P15] Authors: V.Preethi, G.Velmayil
[IJET V2I5P15] Authors: V.Preethi, G.Velmayil
 
IRJET- A Survey on Automatic Phishing Email Detection using Natural Langu...
IRJET- A Survey on Automatic Phishing Email Detection using Natural Langu...IRJET- A Survey on Automatic Phishing Email Detection using Natural Langu...
IRJET- A Survey on Automatic Phishing Email Detection using Natural Langu...
 
IRJET- Detecting the Phishing Websites using Enhance Secure Algorithm
IRJET- Detecting the Phishing Websites using Enhance Secure AlgorithmIRJET- Detecting the Phishing Websites using Enhance Secure Algorithm
IRJET- Detecting the Phishing Websites using Enhance Secure Algorithm
 
HIGH ACCURACY PHISHING DETECTION
HIGH ACCURACY PHISHING DETECTIONHIGH ACCURACY PHISHING DETECTION
HIGH ACCURACY PHISHING DETECTION
 
PHISHING URL DETECTION USING LSTM BASED ENSEMBLE LEARNING APPROACHES
PHISHING URL DETECTION USING LSTM BASED ENSEMBLE LEARNING APPROACHESPHISHING URL DETECTION USING LSTM BASED ENSEMBLE LEARNING APPROACHES
PHISHING URL DETECTION USING LSTM BASED ENSEMBLE LEARNING APPROACHES
 
Phishing URL Detection using LSTM Based Ensemble Learning Approaches
Phishing URL Detection using LSTM Based Ensemble Learning ApproachesPhishing URL Detection using LSTM Based Ensemble Learning Approaches
Phishing URL Detection using LSTM Based Ensemble Learning Approaches
 
A Novel Approach for Phishing Emails Real Time Classification Using K-Means A...
A Novel Approach for Phishing Emails Real Time Classification Using K-Means A...A Novel Approach for Phishing Emails Real Time Classification Using K-Means A...
A Novel Approach for Phishing Emails Real Time Classification Using K-Means A...
 
Malicious-URL Detection using Logistic Regression Technique
Malicious-URL Detection using Logistic Regression TechniqueMalicious-URL Detection using Logistic Regression Technique
Malicious-URL Detection using Logistic Regression Technique
 
IRJET- Phishing and Anti-Phishing Techniques
IRJET- Phishing and Anti-Phishing TechniquesIRJET- Phishing and Anti-Phishing Techniques
IRJET- Phishing and Anti-Phishing Techniques
 
Research Paper on Spreading Awareness About Phishing Attack Is Effective In R...
Research Paper on Spreading Awareness About Phishing Attack Is Effective In R...Research Paper on Spreading Awareness About Phishing Attack Is Effective In R...
Research Paper on Spreading Awareness About Phishing Attack Is Effective In R...
 
PHISHING DETECTION IN IMS USING DOMAIN ONTOLOGY AND CBA – AN INNOVATIVE RULE ...
PHISHING DETECTION IN IMS USING DOMAIN ONTOLOGY AND CBA – AN INNOVATIVE RULE ...PHISHING DETECTION IN IMS USING DOMAIN ONTOLOGY AND CBA – AN INNOVATIVE RULE ...
PHISHING DETECTION IN IMS USING DOMAIN ONTOLOGY AND CBA – AN INNOVATIVE RULE ...
 
Phishing detection in ims using domain ontology and cba an innovative rule ...
Phishing detection in ims using domain ontology and cba an innovative rule ...Phishing detection in ims using domain ontology and cba an innovative rule ...
Phishing detection in ims using domain ontology and cba an innovative rule ...
 

Último

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
Delhi Call girls
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
Puma Security, LLC
 

Último (20)

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 

Towards detecting phishing web pages

  • 1.
  • 2.  Cyber Crime- the major concern.  Internet frauds affect the rapidly growing online services.  E-commerce is the main target.  Social communication sites and mail service are also victim of them.  Phishing is an alarming threat.  Technical steps needed to defend them. 2
  • 3. PROBLEM STATEMENT  Phishing attacks succeed if users fail to detect phishing sites.  Previous anti-phishing falls into four categories:  Study on phishing  Training people  User interface  Detection tools  Previous works deals with limited service.  Our approach- Development of an automated phishing detection method. 3
  • 4. PHISHING?  A criminal trick of stealing sensitive personal information.  Fooled user and push them to fall in the trick.  Use social engineering and technical strategy.  Mainly, duplicate original web-pages.  First describe in 1987. 4
  • 5. ATTRIBUTES OF PHISHING  Similar appearance of web-page.  IP based URL & Non Matching URL.  URL contain abnormal characters.  Misspelled URL.  Using script or add-in to web browser to cover the address bar. 5
  • 6. PHISHING STATS  According to APWG  According to PhishTank Phishes Verified as Valid Suspected Phishes Submitted Total 531086 Total 928206 Online 2770 Online 3021 Offline 528316 Offline 925174 Total phishing attack. (Up to 6th April 2010) 6
  • 7. ANTI-PHISHING  Social response  Educating people.  Changing habit.  Technical support  Identify phishing site.  Implementation of secure model.  Browser alert.  Eliminating phishing mails.  Monitoring and Takedown. 7
  • 8. METHODOLOGY Step 1: Checking with database 8 ? ?
  • 9. METHODOLOGY Step 2: Checking abnormal conditions 9 ? ? ?
  • 10. METHODOLOGY Step 2: Search for new Phishing 10 ? ? ?? ?
  • 12. EXPERIMENTAL ANALYSIS Approach Accuracy Time (second) IP based URL 100% 17 Exists in phishing database 97% 59 Matching source content 81% 134 Abnormal condition 79% 51 12
  • 13. DISCUSSION  Our approach reduces the ability of attackers to automate their attacks, cutting into their profitability.  By using the minimal knowledge base provided by the user-selected web-page, our system is able to compare potential phishing sites with real sites.  Performance and accuracy can be improved by using an image segmentation algorithm.  Flash contents can’t be validated whether phishing threat or not in our system. 13
  • 14. REFERENCES  Anti-Phishing Working Group (APWG). http://www.antiphishing.org/ . April 7 2010.  PhishTank. http://www.phishtank.com/. April 6 2010.  Y. Zhang, J. Hong, and L. Cranor. Cantina: A content-based approach to detecting phishing web sites. 16th international conference on World Wide Web in 2007.  Felix, Jerry and Hauck, Chris (September 1987). "System Security: A Hacker's Perspective". 1987 Interex Proceedings 1: 6. 14