C4.5: programs for machine learning
C4.5: programs for machine learning
Detection of phishing webpages based on visual similarity
WWW '05 Special interest tracks and posters of the 14th international conference on World Wide Web
The battle against phishing: Dynamic Security Skins
SOUPS '05 Proceedings of the 2005 symposium on Usable privacy and security
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Protecting Users against Phishing Attacks
The Computer Journal
Data Mining: Practical Machine Learning Tools and Techniques, Second Edition (Morgan Kaufmann Series in Data Management Systems)
Stronger password authentication using browser extensions
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Behind phishing: an examination of phisher modi operandi
LEET'08 Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats
Lexical feature based phishing URL detection using online learning
Proceedings of the 3rd ACM workshop on Artificial intelligence and security
A hierarchical adaptive probabilistic approach for zero hour phish detection
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Assessing the severity of phishing attacks: A hybrid data mining approach
Decision Support Systems
On the effects of registrar-level intervention
LEET'11 Proceedings of the 4th USENIX conference on Large-scale exploits and emergent threats
CANTINA+: A Feature-Rich Machine Learning Framework for Detecting Phishing Web Sites
ACM Transactions on Information and System Security (TISSEC)
Using data type based security alert dialogs to raise online security awareness
Proceedings of the Seventh Symposium on Usable Privacy and Security
Proceedings of the Seventh Symposium on Usable Privacy and Security
Trustworthiness testing of phishing websites: A behavior model-based approach
Future Generation Computer Systems
Feature selection for improved phishing detection
IEA/AIE'12 Proceedings of the 25th international conference on Industrial Engineering and Other Applications of Applied Intelligent Systems: advanced research in applied artificial intelligence
A quantitative approach to estimate a website security risk using whitelist
Security and Communication Networks
Proactive discovery of phishing related domain names
RAID'12 Proceedings of the 15th international conference on Research in Attacks, Intrusions, and Defenses
A multi-tier phishing detection and filtering approach
Journal of Network and Computer Applications
Preventing the revealing of online passwords to inappropriate websites with logininspector
lisa'12 Proceedings of the 26th international conference on Large Installation System Administration: strategies, tools, and techniques
ECC-based anti-phishing protocol for cloud computing services
International Journal of Security and Networks
PhishSafe: leveraging modern JavaScript API's for transparent and robust protection
Proceedings of the 4th ACM conference on Data and application security and privacy
| Hi-index | 0.00 |
Phishing is an electronic online identity theft in which the attackers use a combination of social engineering and web site spoofing techniques to trick a user into revealing confidential information. This information is typically used to make an illegal economic profit (e.g., by online banking transactions, purchase of goods using stolen credentials, etc.). Although simple, phishing attacks are remarkably effective. As a result, the numbers of successful phishing attacks have been continuously increasing and many anti-phishing solutions have been proposed. One popular and widely-deployed solution is the integration of blacklist-based anti-phishing techniques into browsers. However, it is currently unclear how effective such blacklisting approaches are in mitigating phishing attacks in real-life. In this paper, we report our findings on analyzing the effectiveness of two popular anti-phishing solutions. Over a period of three weeks, we automatically tested the effectiveness of the blacklists maintained by Google and Microsoft with 10,000 phishing URLs. Furthermore, by analyzing a large number of phishing pages, we explored the existence of page properties that can be used to identify phishing pages.