Abstract
This paper presents a proposal for scalable detection and isolation of phishing. The main ideas are to move the protection from end users towards the network provider and to employ the novel bad neighbourhood concept, in order to detect and isolate both phishing e-mail senders and phishing web servers. In addition, we propose to develop a self-management architecture that enables ISPs to protect their users against phishing attacks, and explain how this architecture could be evaluated. This proposal is the result of half a year of research work at the University of Twente (UT), and it is aimed at a Ph.D. thesis in 2012.
Chapter PDF
Similar content being viewed by others
References
Herley, C., Florencio, D.: A profitless endeavor: Phishing as tragedy of the commons. In: Proc. of the ACM SIGSAC New Security Paradigms Workshop, Lake Tahoe, California, USA (September 2008)
McCall, T.: Gartner survey shows phishing attacks escalated in 2007 (2008)
Dhamija, R., Tygar, J.D., Hearst, M.: Why phishing works. In: CHI 2006: Proceedings of the SIGCHI conference on Human Factors in computing systems, pp. 581–590. ACM, New York (2006)
Kumaraguru, P., Sheng, S., Acquisti, A., Cranor, L.F., Hong, J.: Lessons from a real world evaluation of anti-phishing training. In: eCrime Researchers Summit, pp. 1–12 (2008)
Fette, I., Sadeh, N., Tomasic, A.: Learning to detect phishing emails. In: WWW 2007: Proceedings of the 16th international conference on World Wide Web, pp. 649–656. ACM, New York (2007)
Zhang, Y., Egelman, S., Cranor, L.F., Hong, J.: Phinding phish: Evaluating anti-phishing tools. In: Proceedings of the 14th Annual Network and Distributed System Security Symposium (NDSS 2007), San Diego, CA, USA (2007)
Dhamija, R., Tygar, J.D.: The battle against phishing: Dynamic security skins. In: SOUPS 2005: Proceedings of the 2005 symposium on Usable privacy and security, pp. 77–88. ACM, New York (2005)
Phishing Protection Design Documentation (2009), https://wiki.mozilla.org/safe_browsing:_design_documentation
Cyveillance Anti-Phishing (2009), http://www.cyveillance.com/
British Telecom Managed Security Services (2009), http://bt.counterpane.com/managed-security-services.html
Irwin, B., Pilkington, N.: High level internet scale traffic visualization using hilbert curve mapping. In: VizSEC 2007: Proceedings of the Workshop on Visualization for Computer Security, pp. 147–158. Springer, Heidelberg (2007)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 IFIP International Federation for Information Processing
About this paper
Cite this paper
Moura, G.C.M., Pras, A. (2009). Scalable Detection and Isolation of Phishing. In: Sadre, R., Pras, A. (eds) Scalability of Networks and Services. AIMS 2009. Lecture Notes in Computer Science, vol 5637. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-02627-0_20
Download citation
DOI: https://doi.org/10.1007/978-3-642-02627-0_20
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-02626-3
Online ISBN: 978-3-642-02627-0
eBook Packages: Computer ScienceComputer Science (R0)