Paper Info
Title
A novel approach to protect against phishing attacks at client side using auto-updated white-list.
Abstract
Most of the anti-phishing solutions are having two major limitations; the first is the need of a fast access time for a real-time environment and the second is the need of high detection rate. Black-list-based solutions have the fast access time but they suffer from the low detection rate while other solutions like visual similarity and machine learning suffer from the fast access time. In this paper, we propose a novel approach to protect against phishing attacks using auto-updated white-list of legitimate sites accessed by the individual user. Our proposed approach has both fast access time and high detection rate. When users try to open a website which is not available in the white-list, the browser warns users not to disclose their sensitive information. Furthermore, our approach checks the legitimacy of a webpage using hyperlink features. For this, hyperlinks from the source code of a webpage are extracted and apply to the proposed phishing detection algorithm. Our experimental results show that the proposed approach is very effective for protecting against phishing attacks as it has 86.02 % true positive rate while less than 1.48 % false negative rate. Moreover, our proposed system is efficient to detect various other types of phishing attacks (i.e., Domain Name System (DNS) poisoning, embedded objects, zero-hour attack).
Year
DOI
Venue
2016
10.1186/s13635-016-0034-3
EURASIP J. Information Security
Keywords
Field
DocType
Cyber security, Phishing, Black-list, White-list, Social engineering, DNS poisoning, Hyperlinks
Client-side,Phishing,Access time,Computer security,Computer science,Domain Name System,Hyperlink,Spoofed URL,Information sensitivity,DNS spoofing
Journal
Volume
Issue
ISSN
2016
1
1687-417X
Citations 
PageRank 
References 
22
0.98
13
Authors
2
Name
Order
Citations
PageRank
Ankit Kumar Jain1817.77
B. B. Gupta2453.98