Alice, What Did You Do Last Time? Fighting Phishing Using Past Activity Tests

  • Nikos Nikiforakis
  • Andreas Makridakis
  • Elias Athanasopoulos
  • Evangelos P. Markatos
Part of the Lecture Notes in Electrical Engineering book series (LNEE, volume 30)


Phishing attacks are one of the most serious security threats on the World Wide Web today. An adversary may clone a legitimate Web site and lure a user into submitting her credentials to the malicious copy. The adversary may then use the stolen credentials at the authentic site. In this paper we present a novel idea to fight phishing using Past Activity Tests (PACTs). In a nutshell, PACTs exploit the fact that the user has accessed her account at least once in the past, whereas the phisher is accessing the user's account for the first time. Thus, a user can answer a question about her past activity, but the attacker cannot.
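The abstract describes the PACT idea in one sentence; the toy below, added here as an illustration and not the paper's own implementation, shows the shape such a test takes on the server side. It assumes a data model of its own (a per-account ledger of past actions, a pool of decoy actions, and the function names `make_challenge`, `verify_answer` and `guess_success_probability`), and the sample ledger and decoy pool are constructed for the example. The account that is asked "what did you do last time?" must pick its genuine last action from a list padded with decoys that the account never performed; an attacker holding only the stolen password has no history to draw on and is reduced to guessing, which is why the challenge is single-use and attempt-limited.

```python
"""
Toy Past Activity Test (PACT) challenge/response.

Illustrative model only, not the paper's code: the site keeps a short
ledger of each account's past actions and, at login time, asks the user
to pick the action she actually performed from a list that also contains
decoys drawn from actions this account has never performed.
"""
import secrets
from dataclasses import dataclass

# Constructed sample ledger: account -> past actions, most recent last.
ACTIVITY_LEDGER = {
    "alice": ["read:inbox", "sent:bob", "label:receipts", "sent:carol"],
    "mallory": [],  # account with no history: a PACT cannot be posed
}

# Constructed pool of plausible-looking actions used to build decoys.
DECOY_POOL = ["sent:dave", "sent:erin", "label:travel", "label:taxes",
              "read:spam", "archive:2007", "delete:drafts", "star:frank"]


@dataclass
class Challenge:
    user: str
    options: list          # presented to the user, shuffled
    correct_index: int     # position of the genuine past action
    attempts_left: int = 3  # bound the attacker's guessing budget


def make_challenge(user, ledger=ACTIVITY_LEDGER, pool=DECOY_POOL,
                   n_options=4, rng=secrets.SystemRandom()):
    """Build a "what did you do last time?" challenge for `user`.

    Returns None when the account has no recorded activity, in which
    case the caller must fall back to some other second factor.
    """
    history = ledger.get(user, [])
    if not history:
        return None
    correct = history[-1]
    # Decoys must be actions the account never performed; otherwise a
    # second option would also be a truthful answer.
    candidates = [a for a in pool if a not in history]
    decoys = rng.sample(candidates, n_options - 1)
    options = decoys + [correct]
    rng.shuffle(options)
    return Challenge(user, options, options.index(correct))


def verify_answer(challenge, chosen_index):
    """Check one answer. A correct answer consumes the challenge, and a
    wrong one burns an attempt, so a phisher cannot enumerate options."""
    if challenge.attempts_left <= 0:
        return False
    challenge.attempts_left -= 1
    if chosen_index == challenge.correct_index:
        challenge.attempts_left = 0  # single use: no replay of a solved test
        return True
    return False


def guess_success_probability(n_options, attempts):
    """Chance that a history-less attacker passes by guessing, given
    `attempts` independent tries at a fresh n-way challenge each time."""
    return 1.0 - (1.0 - 1.0 / n_options) ** attempts


if __name__ == "__main__":
    ch = make_challenge("alice")
    print("Which of these did you do last time?")
    for i, opt in enumerate(ch.options):
        print(f"  [{i}] {opt}")
    print("legitimate user answers:", verify_answer(ch, ch.correct_index))
    print("guess success, 4 options, 3 tries:",
          round(guess_success_probability(4, 3), 3))
```

The decoy filter and the attempt cap are the two details that matter in deployment: without the filter a user can be "wrong" while telling the truth, and without the cap the attacker's guessing probability grows with every try.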







Copyright information

© Springer Science+Business Media, LLC 2009

Authors and Affiliations

  • Nikos Nikiforakis (1)
  • Andreas Makridakis (1)
  • Elias Athanasopoulos (1)
  • Evangelos P. Markatos (1)

  1. Institute of Computer Science, FORTH, Greece
