Title:
Fishing for Phishing from the Network Stream
Fishing for Phishing from the Network Stream
Authors
Ramachandran, Anirudh
Feamster, Nick
Krishnamurthy, Balachander
Spatscheck, Oliver
Van der Merwe, Jacobus
Feamster, Nick
Krishnamurthy, Balachander
Spatscheck, Oliver
Van der Merwe, Jacobus
Authors
Advisors
Advisors
Associated Organizations
Collections
Supplementary to
Permanent Link
Abstract
Phishing is an increasingly prevalent social-engineering attack
that attempts identity theft using spoofed Web pages
of legitimate organizations. Unfortunately, current phishing
detection methods are neither complete nor responsive because
they rely on user reports, and many also require clientside
software. Anti-phishing techniques could be more effective
if they (1) could detect phishing attacks automatically
from the network traffic; (2) could operate without cooperation
from end-users. This paper performs a preliminary
study to determine the feasibility of detecting phishing
attacks in real-time, from the network traffic stream itself.
We develop a model to identify the stages where in-network
phishing detection is feasible and the data sources that can
be analyzed to provide relevant information at each stage.
Based on this model, we develop and evaluate a detection
method based on features that exist in the network traffic it-
self and are correlated with confirmed phishing attacks.
Sponsor
Date Issued
2008
Extent
Resource Type
Text
Resource Subtype
Technical Report