Presentation is loading. Please wait.

Presentation is loading. Please wait.

Anti-Phishing Approaches Lifeng Hu

Published byWalter Conley Modified over 9 years ago

Similar presentations

Presentation on theme: "Anti-Phishing Approaches Lifeng Hu"— Presentation transcript:

1 Anti-Phishing Approaches Lifeng Hu lh2342@columbia.edu

2 What is Phishing? An engineering attack An attempt to trick individuals into revealing personal credentials (uname, passwd, credit card info, etc) Based on faked email and websites A threat for the internet users Damages - 73 million US adults received more than 50 phishing emails a year - $2.8 billion loss a year

3 Phishing Methods Establish websites having similar interface/URL as famous websites Establish cheating websites to get users’ personal information Establish transparent website between original websites and users Send emails containing malicious URL Send emails containing embed malicious flash/picture files to avoid text checking of anti- phishing

4 False positive/negative rate of Anti-Phishing Approaches False negative rate: the rate of phishing websites being regarded as good in all phishing websites False positive rate: the rate of good websites being regarded as phishing in all good websites So, the lower false rates are, the better Anti-Phishing approach is

5 Anti-Phishing Approaches for Specific Websites Typically, designed by website companies An example is Sitekey mechanism of BankOfAmerica online Pro: False negative rate is low False positive rate can be zero Con: Not applicable for phishing emails

6 Anti-Phishing Approaches Based on Database Anti-phishing Firewall : Kaspersky Anti-phishing Toolbar : Netcraft All based on on-line database Toolbar can provide URL statistics data in advance Pro: Applicable for both websites and emails False negative rate can be low False positive rate is low Con: Need frequent updates Relatively hard to implement False negative rate increases if not up-to-date

7 Anti-Phishing Approaches Based on Content PILFER: email phishing detection based on machine-learning combining 10 filters: - IP based URL: 192.168.0.1/paypal.cgi?fix=account - Domain age from whois.net - Non-matching URL: paypal.com - HTML email : hidden URLs - Malicious JavaScript - … Pro: Practically, false positive and negative rate are relative low Machine learning methods make it possible to improve accuracy No constant update is needed Con: Still need updates on training data and filters to adapt new styles of phishing emails Network cost is a problem

8 Anti-Phishing Approaches Based on Content (cont.) CANTINA: phishing website detection based on TF-IDF weight - TF: the number of times a given term appears in a specific document - IDF: a measure of the general importance of the term in all documents - TF-IDF = TF/IDF, specifies term with frequency in a given document - Search five top TF-IDF words of current web page in search engine such as Google - Current web page should be in top N (30) search results to be legitimate CANTINA also uses filters similar to PILFER to decrease false positive Pro: False positive and negative rate are very low No constant update is needed Search engine ranking is relative hard to cheat Con:Network cost is a problem Too many phishing website searches may affect phishing websites’ ranking

9 Summary of mentioned Anti-Phishing Approaches Anti-Phishing ApproachesFalse PositiveFalse Negative Implement Effort Adaptation Update Cycle For Specific WebsitesZeroLowEasySpecific WebsiteNone Firewall Based on DatabaseLowMedium General Web/Email Very Frequently Toolbar Based on DatabaseLow Hard General Web/Email Very Frequently PILFERLow MediumGeneral EmailSometimes CANTINAVery LowLowMedium General Websites Few

10 Thanks!

Download ppt "Anti-Phishing Approaches Lifeng Hu"

Similar presentations

PhishZoo: Detecting Phishing Websites By Looking at Them

PhishZoo: Detecting Phishing Websites By Looking at Them
Reporter: Jing Chiu Advisor: Yuh-Jye Lee 2015/7/181Data Mining & Machine Learning Lab.

Reporter: Jing Chiu Advisor: Yuh-Jye Lee /7/181Data Mining & Machine Learning Lab.
Learning to Detect Phishing s

Learning to Detect Phishing s
1 CANTINA : A Content-Based Approach to Detecting Phishing Web Sites WWW 2007 2008.09.09 Yue Zhang, Jason Hong, and Lorrie Cranor.

1 CANTINA : A Content-Based Approach to Detecting Phishing Web Sites WWW Yue Zhang, Jason Hong, and Lorrie Cranor.
Report : 鄭志欣 Advisor: Hsing-Kuo Pao 1 Learning to Detect Phishing Emails I. Fette, N. Sadeh, and A. Tomasic. Learning to detect phishing emails. In Proceedings.

Report : 鄭志欣 Advisor: Hsing-Kuo Pao 1 Learning to Detect Phishing s I. Fette, N. Sadeh, and A. Tomasic. Learning to detect phishing s. In Proceedings.
PHAD- A Phishing Avoidance and Detection Tool Using Invisible Digital Watermarking By Sonali Batra Web 2.0 Security and Privacy 2014.

PHAD- A Phishing Avoidance and Detection Tool Using Invisible Digital Watermarking By Sonali Batra Web 2.0 Security and Privacy 2014.
Phishing and Pharming New Identity Theft Threats Presentation by Jason Guthrie.

Phishing and Pharming New Identity Theft Threats Presentation by Jason Guthrie.
A Crawler-based Study of Spyware on the Web Author: Alexander Moshchuk, Tanya Bragin, Steven D.Gribble, Henry M.Levy Presented At: NDSS, 2006 Prepared.

A Crawler-based Study of Spyware on the Web Author: Alexander Moshchuk, Tanya Bragin, Steven D.Gribble, Henry M.Levy Presented At: NDSS, 2006 Prepared.
Internet Phishing Not the kind of Fishing you are used to.

Internet Phishing Not the kind of Fishing you are used to.
Malicious Attacks By Chris Berg-Jones, Ethan Ungchusri, and Angela Wang.

Malicious Attacks By Chris Berg-Jones, Ethan Ungchusri, and Angela Wang.
Best Web Directories and Search Engines Order Out of Chaos on the World Wide Web.

Best Web Directories and Search Engines Order Out of Chaos on the World Wide Web.
CANTINA: A Content-Based Approach to Detecting Phishing Web Sites Yue Zhang University of Pittsburgh Jason I. Hong, Lorrie F. Cranor Carnegie Mellon University.

CANTINA: A Content-Based Approach to Detecting Phishing Web Sites Yue Zhang University of Pittsburgh Jason I. Hong, Lorrie F. Cranor Carnegie Mellon University.
What is the Internet? The Internet is a computer network connecting millions of computers all over the world It has no central control - works through.

What is the Internet? The Internet is a computer network connecting millions of computers all over the world It has no central control - works through.
Malicious Attacks. Introduction Commonly referred to as: malicious software/ “malware”, computer viruses Designed to enter computers without the owner’s.

Malicious Attacks. Introduction Commonly referred to as: malicious software/ “malware”, computer viruses Designed to enter computers without the owner’s.
Search Engine Optimization (SEO)

Search Engine Optimization (SEO)
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
Verma - ICISS 2014 R easoning M ining NLP Defense Rakesh M. Verma ReMiND Laboratory Catching Classical and Hijack-based Phishing Attacks.

Verma - ICISS 2014 R easoning M ining NLP Defense Rakesh M. Verma ReMiND Laboratory Catching Classical and Hijack-based Phishing Attacks.
Detection of Internet Scam Using Logistic Regression

Detection of Internet Scam Using Logistic Regression
Norman SecureSurf Protect your users when surfing the Internet.

Norman SecureSurf Protect your users when surfing the Internet.
Examining the Effectiveness and Techniques of the Anti-Phishing Technology in Leading Web Browsers and Security Toolbars. Wesley W. Owen

Examining the Effectiveness and Techniques of the Anti-Phishing Technology in Leading Web Browsers and Security Toolbars. Wesley W. Owen

Similar presentations

Ads by Google