Abstract
In cyberspace one of the major security issue is phishing attacks. Phishing attacks are the most treacherous form of fraudulent activities of mobile and desktop. With the growing usage of smartphones, user find it convenient to keep their private data on mobile phones which allows phishers to exploit mobile devices for ingathering valuable data. The limitation of small screen size and low computational power makes mobile phones security vulnerable to more phishing attacks compared to desktop computers. Mostly, mobile users stay online so increase the chance of being phished. Moreover, to avoid phishing attacks malware detection and filtering system should be deployed and companies should educate their users about diversity of phishing attacks. Until now, no such effective anti-mobile phishing technique has been invented or adopted that can precisely distinguish authentic and phishing websites. However, many research has been done in this regard. In this paper, a detailed discussion is presented on several anti-mobile phishing models based on various methods for preventing users to evade phishing attacks. Furthermore, many issues and challenges faced while preventing users from phishing attacks are also elaborated. Lastly, the experimental result based on the evaluation of models are presented and using these facts suggested that which model can effectively and accurately detect malicious sites.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Chorghe, S.P., Shekokar, N.: A survey on anti-phishing techniques in mobile phones. In: Inventive Computation Technologies (ICICT). IEEE (2017)
Jain, A.K., Gupta, B.B.: Rule-based framework for detection of smishing messages in mobile environment. In: 6th International Conference on Smart Computing and Communications, ICSCC, India (2017)
Han, W., Wang, Y., Cao, Y., Zhou, J., Wang, L.: Anti-phishing by smart mobile device. In: IFIP International Conference on Network and Parallel Computing Workshops (2007)
Sonowal, G., Kuppusamy, K.S.: PhiDMA – a phishing detection model with multi-filter approach. J. King Saud Univ.-Comput. Inf. Sci. (2017)
Yue, C., Wang, H.: Anti-phishing in offense and defense. In: Computer Security Applications Conference. IEEE (2008)
Ndibwile, J.D., Kadobayashi, Y., Fall, D.: UnPhishMe: phishing attack detection by deceptive login simulation through an android mobile app. In: 12th Asia Joint Conference on Information Security, Japan (2017)
Longfei, W., Xiaojiang, D., Jie, W.: Effective defense schemes for phishing attacks on mobile computing platforms. IEEE Trans. Veh. Technol. 65(8), 6678–6691 (2015)
APWG: phishing attack campaigns in 2016 shatter all previous years’ records. Phishing activity trends report 4th quarter (2016)
Abutair, Y.A., Belghith, A.: Using case-based reasoning for phishing detection. In: 8th International Conference on Ambient Systems, Networks and Technologies (2017)
Arachchilage, N.A.G., Love, S., Beznosov, K.: Phishing threat avoidance behaviour: an empirical investigation. Comput. Hum. Behav. 60, 185–197 (2016)
Das, A., Ullah, H.: Security behaviors of smartphone users. Inf. Comput. Secur. (ICS) 24(1), 116–134 (2016)
Jansson, K., Solms, V.: Phishing for phishing awareness. Behav. Inf. Technol. 32(6), 584–593 (2013)
Maggi, F., Volpatto, A., Gasparini, S., Boracchi, G., Zanero, S.: A fast eavesdropping attack against touchscreens. In: 7th International Conference on Information Assurance and Security. IEEE (2011)
Longfei, W., Xiaojiang, D., Xinwen, F.: Security threats to mobile multimedia applications: camera-based attacks on mobile phones. IEEE Commun. Mag. 52(3), 80–87 (2014)
Fenz, S., Heurix, J., Neubauer, T., Pechstein, F.: Current challenges in information security risk management. Inf. Manag. Comput. Secur. 22(5), 410–430 (2014)
Marforio, C., Masti, R.J., Soriente, C., Kostiainen, K., Capkun, S.: Personalized security indicators to detect application phishing attacks in mobile platforms. Technical report (2015)
Bottazzi, G., Casalicchio, E., Cingolani, D., Marturana, F., Piu, M.: MP-Shield: a framework for phishing detection in mobile devices. In: International Conference on Computer and Information Technology. IEEE (2015)
Foozy, M., Feresa, C., Ahmad, R., Abdollah, M.F.: A practical rule based technique by splitting SMS phishing from SMS spam for better accuracy in mobile device. Int. Rev. Comput. Softw. 9(10), 1776–1782 (2014)
Thomas, T.: Mobile phishing: thief right in your pocket. Managing Information Risk, AUJAS (2015)
Aaron, G., Rasmussen, R.: Global phishing survey: trends and domain name use in 2H. APWG (2013)
Aleroud, A., Zhou, L.: Phishing environments, techniques, and countermeasures: a survey. Comput. Secur. 68, 160–196 (2017)
Amro, B.: Phishing techniques in mobile devices. J. Comput. Commun. 6(2), 27–35 (2018)
Ferrara, J.: Social engineering and how to counteract advanced attacks (2013)
Ramzan, Z.: Phishing attacks and countermeasures. In: Stavroulakis, P., Stamp, M. (eds.) Handbook of Information and Communication Security, pp. 433–448. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-04117-4_23
Abu-Nimeh, S., Nair, S.: Phishing attacks in a mobile environment (2016)
Herfurt, M.: Detecting and attacking bluetooth-enabled cellphones at the hannover fairground. CeBIT (2004)
Chaudhry, J.A., Chaudhry, S.A., Rittenhouse, R.G.: Phishing attacks and defenses. Int. J. Secur. Appl. 10(1), 247–256 (2016)
Thakur, H., Kaur, S.: A survey paper on phishing detection. Int. J. Adv. Res. Comput. Sci. (2016)
Richter, M.M., Weber, R.O.: Case-Based Reasoning. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40167-1
Aamodt, A., Plaza, E.: Case-based reasoning: foundational issues, methodological variations, and system approaches. AI Commun. 7(1), 39–59 (1994)
Cranor, L.F.: A framework for reasoning about the human in the loop. In: Proceedings of the 1st Conference on Usability, Psychology and Security. USENIX Association (2008)
Bicakci, K., Unal, D., Asciogluc, N., Adalier, O.: Mobile authentication secure against man-in-the-middle attacks. In: 11th International Conference on Mobile Systems and Pervasive Computing (2014)
Wright, R.T., Marett, K.: The influence of experiential and dispositional factors in phishing: an empirical investigation of the deceived. J. Manag. Inf. Syst. 27(1), 273–303 (2010)
Anderson, R.: Security Engineering: A Guide to Building Dependable Distributed Systems. Wiley, New York (2008)
Tewari, A., Jain, A.K., Gupta, B.B.: Recent survey of various defense mechanisms against phishing attacks. J. Inf. Priv. Secur. 12(1), 3–13 (2016)
Roman, R., Najera, P., Lopez, J.: Securing the internet of things. Comput. J. Mag. (2011)
Jain, A.K., Gupta, B.B.: Phishing detection: analysis of visual similarity based approaches. Secur. Commun. Netw. (2017)
Rosiello, A.P.E., Kirdr, E., Kruegel, C., Ferrandi, F.: A layout-similarity-based approach for detecting phishing pages. In: Proceedings of the 3rd International Conference on Security and Privacy in Communications Networks and the Workshops (2007)
Merwe, A.V.D., Seker, R., Gerber, A.: Phishing in the system of systems settings: mobile technology. In: International Conference on Systems, Man and Cybernetics. IEEE (2005)
Merwe, V.D., Loock, A.M., Dabrowski, M.: Characteristics and responsibilities involved in a Phishing attack. In: Proceedings of the Winter International Symposium on Information and Communication Technologies, Cape Town (2005)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Khalid, J., Jalil, R., Khalid, M., Maryam, M., Shafique, M.A., Rasheed, W. (2019). Anti-phishing Models for Mobile Application Development: A Review Paper. In: Bajwa, I., Kamareddine, F., Costa, A. (eds) Intelligent Technologies and Applications. INTAP 2018. Communications in Computer and Information Science, vol 932. Springer, Singapore. https://doi.org/10.1007/978-981-13-6052-7_15
Download citation
DOI: https://doi.org/10.1007/978-981-13-6052-7_15
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-13-6051-0
Online ISBN: 978-981-13-6052-7
eBook Packages: Computer ScienceComputer Science (R0)