Publication Type : Journal Article
Publisher : Decision Support Systems and Electronic Commerce (Elsevier) (Impact Factor: 2.201, SCI Indexed)
Source : Decision Support Systems and Electronic Commerce (Elsevier) (Impact Factor: 2.201, SCI Indexed), Volume 61, p.12 - 22 (2014)
Url : //www.sciencedirect.com/science/article/pii/S0167923614000037
Keywords : Anti-phishing, E-commerce security, Phishing, Target domain detection
Campus : Coimbatore
School : School of Engineering
Department : Computer Science
Verified : Yes
Year : 2014
Abstract : Abstract Phishing is a fraudulent act to acquire sensitive information from unsuspecting users by masking as a trustworthy entity in an electronic commerce. Several mechanisms such as spoofed e-mails, {DNS} spoofing and chat rooms which contain links to phishing websites are used to trick the victims. Though there are many existing anti-phishing solutions, phishers continue to lure the victims. In this paper, we present a novel approach that not only overcomes many of the difficulties in detecting phishing websites but also identifies the phishing target that is being mimicked. We have proposed an anti-phishing technique that groups the domains from hyperlinks having direct or indirect association with the given suspicious webpage. The domains gathered from the directly associated webpages are compared with the domains gathered from the indirectly associated webpages to arrive at a target domain set. On applying Target Identification (TID) algorithm on this set, we zero-in the target domain. We then perform third-party {DNS} lookup of the suspicious domain and the target domain and on comparison we identify the legitimacy of the suspicious page.
Cite this Research Publication : Dr. Gowtham R., Krishnamurthi, I., and K. Kumar, S. Sree, “An efficacious method for detecting phishing webpages through target domain identification”, Decision Support Systems and Electronic Commerce (Elsevier) (Impact Factor: 2.201, SCI Indexed), vol. 61, pp. 12 - 22, 2014.