Title :
Phishpin: An Identity-Based Anti-phishing Approach
Author :
Tout, Hicham ; Hafner, William
Author_Institution :
Nova Southeastern Univ., FL, USA
Abstract :
Phishing is a social engineering technique used to fraudulently acquire sensitive information from users by masquerading as a legitimate entity. One of the primary goals of phishing is to illegally carry fraudulent financial transactions on behalf of users. The two primary vulnerabilities exploited by phishers are: Inability of non-technical/unsophisticated users to always identify spoofed emails or Web sites; and the relative ease with which phishers masquerade as legitimate Web sites. This paper presents Phishpin, an approach that leverages the concepts of mutual authentication to require online entities to prove their identities. To this end, Phishpin builds on partial credentials sharing, & client filtering to prevent phishers from masquerading as legitimate online entities.
Keywords :
information filtering; message authentication; client filtering; credentials sharing; domain-based identity techniques; identify spoofed e-mails; identity-based antiphishing approach; legitimate Web sites; mutual authentication; social engineering technique; Authentication; Computer crime; Credit cards; Electronic mail; Filtering; Filters; Government; Information security; Support vector machines; Uniform resource locators; authentication; electronic fraud; encryption; hash; internet security; one time password; phishing; spam;
Conference_Titel :
Computational Science and Engineering, 2009. CSE '09. International Conference on
Conference_Location :
Vancouver, BC
Print_ISBN :
978-1-4244-5334-4
Electronic_ISBN :
978-0-7695-3823-5
DOI :
10.1109/CSE.2009.306
