Development of the domain name system
SIGCOMM '88 Symposium proceedings on Communications architectures and protocols
A framework for detection and measurement of phishing attacks
Proceedings of the 2007 ACM workshop on Recurring malcode
Spamming botnets: signatures and characteristics
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
On the Effectiveness of Techniques to Detect Phishing Sites
DIMVA '07 Proceedings of the 4th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Highly predictive blacklisting
SS'08 Proceedings of the 17th conference on Security symposium
A hybrid phish detection approach by identity discovery and keywords retrieval
Proceedings of the 18th international conference on World wide web
Identifying suspicious URLs: an application of large-scale online learning
ICML '09 Proceedings of the 26th Annual International Conference on Machine Learning
Phishnet: predictive blacklisting to detect phishing attacks
INFOCOM'10 Proceedings of the 29th conference on Information communications
Predictive blacklisting as an implicit recommendation system
INFOCOM'10 Proceedings of the 29th conference on Information communications
On the potential of proactive domain blacklisting
LEET'10 Proceedings of the 3rd USENIX conference on Large-scale exploits and emergent threats: botnets, spyware, worms, and more
Lexical feature based phishing URL detection using online learning
Proceedings of the 3rd ACM workshop on Artificial intelligence and security
Detecting algorithmically generated malicious domain names
IMC '10 Proceedings of the 10th ACM SIGCOMM conference on Internet measurement
Building a dynamic reputation system for DNS
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Detecting malware domains at the upper DNS hierarchy
SEC'11 Proceedings of the 20th USENIX conference on Security
Lexical URL analysis for discriminating phishing and legitimate websites
Proceedings of the 8th Annual Collaboration, Electronic messaging, Anti-Abuse and Spam Conference
Evaluating a semisupervised approach to phishing url identification in a realistic scenario
Proceedings of the 8th Annual Collaboration, Electronic messaging, Anti-Abuse and Spam Conference
Monitoring the initial DNS behavior of malicious domains
Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference
IFIP'12 Proceedings of the 11th international IFIP TC 6 conference on Networking - Volume Part I
Hi-index | 0.00 |
Phishing is an important security issue to the Internet, which has a significant economic impact. The main solution to counteract this threat is currently reactive blacklisting; however, as phishing attacks are mainly performed over short periods of time, reactive methods are too slow. As a result, new approaches to early identify malicious websites are needed. In this paper a new proactive discovery of phishing related domain names is introduced. We mainly focus on the automated detection of possible domain registrations for malicious activities. We leverage techniques coming from natural language modelling in order to build pro-active blacklists. The entries in this list are built using language models and vocabularies encountered in phishing related activities - "secure", "banking", brand names, etc. Once a pro-active blacklist is created, ongoing and daily monitoring of only these domains can lead to the efficient detection of phishing web sites.