CFP last date
20 December 2024
Reseach Article

Preventing Phishing Attacks: A Novel Approach

by Tushar Goyal, Alay Vakil, Dhrumil Parmar, Rishit Jain, Devesh C. Jinwala
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 121 - Number 14
Year of Publication: 2015
Authors: Tushar Goyal, Alay Vakil, Dhrumil Parmar, Rishit Jain, Devesh C. Jinwala
10.5120/21606-4521

Tushar Goyal, Alay Vakil, Dhrumil Parmar, Rishit Jain, Devesh C. Jinwala . Preventing Phishing Attacks: A Novel Approach. International Journal of Computer Applications. 121, 14 ( July 2015), 8-12. DOI=10.5120/21606-4521

@article{ 10.5120/21606-4521,
author = { Tushar Goyal, Alay Vakil, Dhrumil Parmar, Rishit Jain, Devesh C. Jinwala },
title = { Preventing Phishing Attacks: A Novel Approach },
journal = { International Journal of Computer Applications },
issue_date = { July 2015 },
volume = { 121 },
number = { 14 },
month = { July },
year = { 2015 },
issn = { 0975-8887 },
pages = { 8-12 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume121/number14/21606-4521/ },
doi = { 10.5120/21606-4521 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T23:08:23.382100+05:30
%A Tushar Goyal
%A Alay Vakil
%A Dhrumil Parmar
%A Rishit Jain
%A Devesh C. Jinwala
%T Preventing Phishing Attacks: A Novel Approach
%J International Journal of Computer Applications
%@ 0975-8887
%V 121
%N 14
%P 8-12
%D 2015
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Phishing is the process of acquiring sensitive information by masquerading as a sensitive entity. Such attacks in turn make it possible for an adversary to orchestrate Denial of Service (DOS) attacks or have sensitive data leaked from an application. With increasing reliance of people on internet based transactions, phishing attacks have also become more sophisticated and have caused large-scale material and trust losses. Hence, dealing with phishing attacks has become a critical issue. Many anti-phishing approaches that are either client-centric or server-centric involving either toolbars, databases or blacklisting have been proposed in the literature. However, we observe that there is a need for an approach that involves both the client and server, and integrates security with the primary task of the user. In this paper, we propose and experiment with an anti-phishing approach that includes server authentication in the client login process. To the best of our knowledge, ours is a novel approach involving server authentication to prevent phishing attacks successfully.

References
  1. Anti-Phishing Working Group. Phishing Activity Trends Report, Third Quarter 2013. URL: http://antiphishing. org/resources/apwg-reports/ Last Accessed: April 2015
  2. Engin Karda, Christopher Kruegel. "Protecting Users against Phishing Attacks" The Computer Journal, pp. 1-8, Vol 00, Issue 0, The British Computer Society, 2005
  3. Min Wu , Robert C. Miller , Greg Little WebWallet:Preventing Phishing Attacks by Revealing User Intentions, Symposium On Usable Privacy and Security (SOUPS) 2006, July 12-14, 2006, Pittsburgh, PA, USA.
  4. Min Wu, Robert C. Miller, Simson L. Garfinkel Do Security Toolbars Actually Prevent Phishing Attacks?, CHI 2006, April 22-27, 2006, Montral, Qubec, Canada.
  5. Michael Atighetchi, Partha Pal, "Attreibute-based prevention of Phishing Attacks", Proceedings of the 8th IEEE International Symposium on Network Computing and Applications, 2009.
  6. V. Shreeram, M Suban, P Shanthi, K Manjula, "Antiphishing detection of phishing attacks using genetic algorithm", Proceedings of the International Conference on Communication Control and Computing Technology, pp. 447-450, 2010
  7. Juan Chen, Chuan Xiong Guo "Online Detection and Prevention of Phishing Attacks" , Proceeings of the First International Conference on Commmunication and Networking in China, Beijing, pp. 1-7, 2007.
  8. Matthew Dunlop, Stephen Groat, David Shelly, " Goldpolish: Using Images for Content-based Phishing Analysis, In Proceedings of the Fifth Internationnal Conference on Internet Monitoring and Protection, Barcelona, pp. 123-128, 2010.
  9. Hicham Tout, William Hafner "Phishpin: An identity-based anti-phishing approach" in proceedings of international conference on computational science and engineering, Vancouver, BC, pages 347-352, 2009 .
  10. URL: http://en. wikipedia. org/wiki/Server (computing). Last Accessed: April 2015
  11. URL: http://en. wikipedia. org/wiki/Client (computing). Last Accessed: April 2015
  12. URL:http://en. wikipedia. org/wiki/Hashing function. Last Accessed: April 2015
  13. URL: http://en. wikipedia. org/wiki/CryptographicHash Function. Last Accessed: April 2015
  14. URL: http://en. wikipedia. org/wiki/Md5. Last Accessed: April 2015
  15. URL:http://en. wikipedia. org/wiki/SHA-1. Last Accessed: April 2015
  16. URL:http://www. not-implemented. com/comparing-hash-algorithms-md5-sha1-sha2/. Last Accessed: April 2015
  17. Mary Meeker, Liang Wu KPCB. Internet Trends Report 2013, Internet Trends D11 Conference 29th May 2013.
  18. URL:http://www. slideshare. net/kleinerperkins/kpcb-internet-trends-2013. Last Accessed: April 2015
  19. Arash Partow Python and PHP Implementations for Lightweight Hash functions URL: http://www. partow. net/programming/hashfunctions. Last Accessed: April 2015.
Index Terms

Computer Science
Information Sciences

Keywords

Security Phishing Attack Authentication.