Sciweavers

DIM
2008
ACM

Anti-phishing based on automated individual white-list

14 years 1 months ago
Anti-phishing based on automated individual white-list
In phishing and pharming, users could be easily tricked into submitting their username/passwords into fraudulent web sites whose appearances look similar as the genuine ones. The traditional blacklist approach for anti-phishing is partially effective due to its partial list of global phishing sites. In this paper, we present a novel anti-phishing approach named Automated Individual White-List (AIWL). AIWL automatically tries to maintain a white-list of user’s all familiar Login User Interfaces (LUIs) of web sites. Once a user tries to submit his/her confidential information to an LUI that is not in the white-list, AIWL will alert the user to the possible attack. Next, AIWL can efficiently defend against pharming attacks, because AIWL will alert the user when the legitimate IP is maliciously changed; the legitimate IP addresses, as one of the contents of LUI, are recorded in the white-list and our experiment shows that popular web sites’ IP addresses are basically stable. Furthermo...
Ye Cao, Weili Han, Yueran Le
Added 09 Nov 2010
Updated 09 Nov 2010
Type Conference
Year 2008
Where DIM
Authors Ye Cao, Weili Han, Yueran Le
Comments (0)