Publication Type
Conference Proceeding Article
Version
submittedVersion
Publication Date
11-2007
Abstract
This paper presents the design of an informationsharing based or server-assisted anti-phishing system. The system follows a client-server architecture and makes decision based on not only client side heuristics but also collective information from multiple clients. When visiting a web site, a client side proxy, installed as a plug-in to a browser, decides on the legitimacy of the web site based on a combination of white list, black list and heuristics. In case the client side proxy does not have sufficient information to make a clear judgment, it reports the suspicious site to a central server which has access to more complete and up to date information and is in a much better position than individual clients to make informed decisions. Our system is designed to counter against deceptive phishing as well as DNS-hijack attack.
Discipline
Information Security | Management Information Systems
Research Areas
Information Systems and Management
Publication
Proceedings of the 1st International Symposium on Data, Privacy and E-Commerce, Chengdu, China, 2007 November 1-3
First Page
265
Last Page
270
ISBN
9780769530161
Identifier
10.1109/ISDPE.2007.65
City or Country
Chengdu, China
Citation
CHENG, Yueqing; YUAN, Zhen; MA, lei; and DENG, Robert H..
An information-sharing based anti-phishing system. (2007). Proceedings of the 1st International Symposium on Data, Privacy and E-Commerce, Chengdu, China, 2007 November 1-3. 265-270.
Available at: https://ink.library.smu.edu.sg/sis_research/4149
Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.
Additional URL
https://doi.org/10.1109/ISDPE.2007.65