Abstract
Phishing is an electronic online identity theft in which the attackers use a combination of social engineering and web site spoofing techniques to trick a user into revealing confidential information. This information is typically used to make an illegal economic profit (e.g., by online banking transactions, purchase of goods using stolen credentials, etc.). Although simple, phishing attacks are remarkably effective. As a result, the numbers of successful phishing attacks have been continuously increasing and many anti-phishing solutions have been proposed. One popular and widely-deployed solution is the integration of blacklist-based anti-phishing techniques into browsers. However, it is currently unclear how effective such blacklisting approaches are in mitigating phishing attacks in real-life. In this paper, we report our findings on analyzing the effectiveness of two popular anti-phishing solutions. Over a period of three weeks, we automatically tested the effectiveness of the blacklists maintained by Google and Microsoft with 10,000 phishing URLs. Furthermore, by analyzing a large number of phishing pages, we explored the existence of page properties that can be used to identify phishing pages.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Firefox 2.0.0.1 Phishing Protection Bypass (2007), https://bugzilla.mozilla.org/show_bug.cgi?id=367538
Anti-Phishing Working Group (APWG). APWG Homepage (2007), http://www.antiphishing.org/
Chou, N., Ledesma, R., Teraguchi, Y., Boneh, D., Mitchell, J.: Client-side defense against web-based identity theft. In: 11th Annual Network and Distributed System Security Symposium (NDSS 2004), San Diego (2005)
Utter, D.: Sites Want To Hook And Gut Phishers (2006), http://www.securitypronews.com/insiderreports/insider/spn-49-20061114SitesWantToHookAndGutPhishers.html
Dhamija, R., Tygar, J.D.: The battle against phishing: Dynamic security skins. In: Proceedings of the 2005 symposium on Usable privacy and security, pp. 77–88. ACM Press, New York (2005)
Dhamija, R., Tygar, J.D., Hearst, M.: Why Phishing Works. In: Proceedings of the Conference on Human Factors In Computing Systems (CHI) 2006, Montreal, Canada, ACM Press, New York (2006)
eBay. eBay tool bar (2007), http://pages.ebay.com/ebaytoolbar/
Gartner Press Release. Gartner Says Number of Phishing E-Mails Sent to U.S. Adults Nearly Doubles in Just Two Years (2006), http://www.gartner.com/it/page.jsp?id=498245
Google. Google Toolbar for Firefox (2006), http://www.google.com/tools/firefox/toolbar/FT3/intl/en/
Google. Google Whitelist (2007), http://sb.google.com/safebrowsing/update?version=goog-white-domain:1:-1
Kirda, E., Kruegel, C.: Protecting Users against Phishing Attacks. The Computer Journal (2006)
McAfee. McAfee SiteAdvisor (2007), http://www.siteadvisor.com
Sutton, M.: A Tour of the Google Blacklist (2007), http://portal.spidynamics.com/blogs/msutton/archive/2007/01/04/A-Tour-of-theGoogle-Blacklist.aspx
Microsoft. Microsoft Internet Explorer Privacy Statement (2006), http://www.microsoft.com/windows/ie/ie7/privacy/ieprivacy_7.mspx
Microsoft. Phishing Filter FAQ (2007), https://phishingfilter.microsoft.com/faq.aspx
Microsoft. Sender ID Home Page (2007), http://www.microsoft.com/mscorp/safety/technologies/senderid/default.mspx
Mozilla. Firefox 2 Phishing Protection Effectiveness Testing (2006), http://www.mozilla.org/security/phishing-test.html
NetCraft. Netcraft anti-phishing tool bar (2007), http://toolbar.netcraft.com
Robichaux, P., Phishing, G.: Evaluating Anti-Phishing Tools for Windows (2006), http://www.3sharp.com/projects/antiphishing/gone-phishing.pdf
Phishtank. Phishtank feed: validated and online (2007) http://data.phishtank.com/data/online-valid/index.xml
Provos, N.: Phishing Protection: Server Spec: Lookup Requests (2007) http://wiki.mozilla.org/Phishing_Protection:_Server_Spec#Lookup_Requests
Quinlan, R.: C4.5: Programs for Machine Learning. Morgan Kaufmann, San Francisco (1993)
Ross, B., Jackson, C., Miyake, N., Boneh, D., Mitchell, J.C.: A Browser Plug-In Solution to the Unique Password Problem (2005), http://crypto.stanford.edu/PwdHash/
Ross, B., Jackson, C., Miyake, N., Boneh, D., Mitchell, J.C.: Stronger Password Authentication Using Browser Extensions. In: 14th Usenix Security Symposium (2005)
Schneider, F., Provos, N., Moll, R., Chew, M., Rakowski, B.: Phishing Protection Design Documentation (2007), http://wiki.mozilla.org/Phishing_Protection:_Design_Documentation
SpoofGuard. Client-side defense against web-based identity theft (2005), http://crypto.stanford.edu/SpoofGuard/
Sharif, T.: IE Blog: Phishing Filter (2005), http://blogs.msdn.com/ie/archive/2005/09/09/463204.aspx
Verisign. Anti-Phishing Solution (2005), http://www.verisign.com/verisign-business-solutions/anti-phishing-solut%ions/
W3C. IEBlog:IE7 Phishing Filter Performance Update is Now Available (2007), http://blogs.msdn.com/ie/archive/2007/01/31/ie7-phishing-filter-perform%ance-update-is-now-available.aspx
Wenyin, L., Huang, G., Xiaoyue, L., Min, Z., Deng, X.: Detection of phishing webpages based on visual similarity. In: 14th International Conference on World Wide Web (WWW): Special Interest Tracks and Posters (2005)
Witten, I.H., Frank, E.: Data Mining: Practical machine learning tools and techniques, 2nd edn. Morgan Kaufmann, San Francisco (2005)
Yahoo. Yahoo! AntiSpam Resource Center (2007), http://antispam.yahoo.com/domainkeys
Zhang, Y., Egelman, S., Cranor, L., Hong, J.: Phinding Phish: Evaluating Anti-Phishing Tools. In: Network and IT Security Conference: NDSS 2007, San Diego, California (2007)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Ludl, C., McAllister, S., Kirda, E., Kruegel, C. (2007). On the Effectiveness of Techniques to Detect Phishing Sites. In: M. Hämmerli, B., Sommer, R. (eds) Detection of Intrusions and Malware, and Vulnerability Assessment. DIMVA 2007. Lecture Notes in Computer Science, vol 4579. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-73614-1_2
Download citation
DOI: https://doi.org/10.1007/978-3-540-73614-1_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-73613-4
Online ISBN: 978-3-540-73614-1
eBook Packages: Computer ScienceComputer Science (R0)