A Sender-Centric Approach to Detecting Phishing Emails

Author

Sanchez, F. ; Zhenhai Duan

Author_Institution

Florida State Univ., Tallahassee, FL, USA

fYear

2012

fDate

14-16 Dec. 2012

Firstpage

32

Lastpage

39

Abstract

Email-based online phishing is a critical security threat on the Internet. Although phishers have great flexibility in manipulating both the content and structure of phishing emails, phishers have much less flexibility in completely concealing the sender information of a phishing message. Importantly, such sender information is often inconsistent with the target institution of a phishing email. Based on this observation, in this paper we advocate and develop a sender-centric approach to detecting phishing emails by focusing on the sender information of a message instead of the content or structure of the message. Our evaluation studies based on real-world email traces show that the sender-centric approach is a feasible and effective method in detecting phishing emails. For example, using an email trace containing both phishing and legitimate messages, we show that the sender-centric approach can detect 98.7% of phishing emails while correctly classifying all legitimate messages.

Keywords

Internet; computer crime; computer network security; unsolicited e-mail; Internet; critical security threat; email trace; email-based online phishing; phishing email content; phishing email detection; phishing email structure; phishing message; sender information; sender-centric approach; Phishing; Phishing email detection; Phishing emails;

fLanguage

English

Publisher

ieee

Conference_Titel

Cyber Security (CyberSecurity), 2012 International Conference on

Conference_Location

Washington, DC

Print_ISBN

978-1-4799-0219-4

Type

conf

DOI

10.1109/CyberSecurity.2012.11

Filename

6542523