Detection of phishing webpages based on visual similarity
WWW '05 Special interest tracks and posters of the 14th international conference on World Wide Web
Characteristics and responsibilities involved in a Phishing attack
WISICT '05 Proceedings of the 4th international symposium on Information and communication technologies
The battle against phishing: Dynamic Security Skins
SOUPS '05 Proceedings of the 2005 symposium on Usable privacy and security
Protecting Users Against Phishing Attacks with AntiPhish
COMPSAC '05 Proceedings of the 29th Annual International Computer Software and Applications Conference - Volume 01
Modeling and preventing phishing attacks
FC'05 Proceedings of the 9th international conference on Financial Cryptography and Data Security
Phish and HIPs: human interactive proofs to detect phishing attacks
HIP'05 Proceedings of the Second international conference on Human Interactive Proofs
Examining the impact of website take-down on phishing
Proceedings of the anti-phishing working groups 2nd annual eCrime researchers summit
There is no free phish: an analysis of "free" and live phishing kits
WOOT'08 Proceedings of the 2nd conference on USENIX Workshop on offensive technologies
E-Mail Classification for Phishing Defense
ECIR '09 Proceedings of the 31th European Conference on IR Research on Advances in Information Retrieval
Hi-index | 0.00 |
In this paper, we explain that by only applying a simple filtering algorithm into various proxy systems, almost all phishing attacks can be blocked without loss of convenience to the user. We propose a system based on a simple filtering algorithm which we call the Sanitizing Proxy System (SPS). The key idea of SPS is that Web phishing attack can be immunized by removing part of the content that traps novice users into entering their personal information. Also, since SPS sanitizes all HTTP responses from suspicious URLs with warning messages, novice users will realize that they are browsing phishing sites. The SPS filtering algorithm is very simple and can be described in roughly 20 steps, and can also be built in any proxy system, such as a server solution, a personal firewall or a browser plug-in. By using SPS with a transparent proxy server, novice users will be protected from almost all Web phishing attacks even if novice users misbehave. With a deployment model, robustness and evaluation, we discuss the feasibility of SPS in today’s network operations.