SIGIR '00 Proceedings of the 23rd annual international ACM SIGIR conference on Research and development in information retrieval
The battle against phishing: Dynamic Security Skins
SOUPS '05 Proceedings of the 2005 symposium on Usable privacy and security
Do security toolbars actually prevent phishing attacks?
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Detecting Phishing Web Pages with Visual Similarity Assessment Based on Earth Mover's Distance (EMD)
IEEE Transactions on Dependable and Secure Computing
Cantina: a content-based approach to detecting phishing web sites
Proceedings of the 16th international conference on World Wide Web
Learning to detect phishing emails
Proceedings of the 16th international conference on World Wide Web
A large-scale study of web password habits
Proceedings of the 16th international conference on World Wide Web
Anti-Phishing Phil: the design and evaluation of a game that teaches people not to fall for phish
Proceedings of the 3rd symposium on Usable privacy and security
Dynamic pharming attacks and locked same-origin policies for web browsers
Proceedings of the 14th ACM conference on Computer and communications security
Itrustpage: a user-assisted anti-phishing tool
Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems 2008
Anti-phishing based on automated individual white-list
Proceedings of the 4th ACM workshop on Digital identity management
Automatic parameter tuning with a Bayesian case-based reasoning system. A case of study
Expert Systems with Applications: An International Journal
A hybrid phish detection approach by identity discovery and keywords retrieval
Proceedings of the 18th international conference on World wide web
Fighting Phishing with Discriminative Keypoint Features
IEEE Internet Computing
Improving algorithms for structure learning in Bayesian Networks using a new implicit score
Expert Systems with Applications: An International Journal
Intelligent phishing detection system for e-banking using fuzzy data mining
Expert Systems with Applications: An International Journal
An analysis of Bayesian classifiers
AAAI'92 Proceedings of the tenth national conference on Artificial intelligence
Hi-index | 12.05 |
The theft attacks of web digital identities, e.g., phishing, and pharming, could result in severe loss to users and vendors, and even hold users back from using online services, e-business services, especially. In this paper, we propose an approach, referred to as automated individual white-list (AIWL), to protect user's web digital identities. AIWL leverages a Naive Bayesian classifier to automatically maintain an individual white-list of a user. If the user tries to submit his or her account information to a web site that does not match the white-list, AIWL will alert the user of the possible attack. Furthermore, AIWL keeps track of the features of login pages (e.g., IP addresses, document object model (DOM) paths of input widgets) in the individual white-list. By checking the legitimacy of these features, AIWL can efficiently defend users against hard attacks, especially pharming, and even dynamic pharming. Our experimental results and user studies show that AIWL is an efficient tool for protecting web digital identities.