Anti-Phishing Software


Presentation Transcript

Slide 1

Anti-Phishing Software
Presented by: Aaron Smalls, Michelle Mature, Devin Biggers

Slide 2

Overview
Background
Research
Motivation
Our Project Outline
Raw Data + Calculations
Analysis of our work
Conclusions
Future Work
References

Slide 3

Background
What is phishing?
Phishing is a form of online data or identity theft whose purpose is to obtain sensitive information, for example online banking credentials or credit card information, from people.
It lures users into automatically and unconsciously giving sensitive information to the attackers for their personal gain.

Slide 4

Research
Looked at a study from the article "Why Phishing Works"
22 participants
7 legitimate sites, 9 already known phishing sites, 3 new phishing sites
Purpose of the experiment explained to everyone
90% of users fooled by well-designed phishing
Results:
Browser warnings = ineffective
Pop-ups about fraud = inefficient
25% not familiar with anti-phishing software
Age, sex, experience, hours on the computer, highest level of education = no advantage

Slide 5

Motivation
The #1 misjudged phishing site was said to be legitimate "based on substance of the page and detail in design."
From Jan 1-June 30 2009 there were more than 55,000 phishing attacks according to the Anti-Phishing Working Group
We realize that we can't rely on users alone to distinguish phishing sites from legitimate sites
People don't realize how much profit can come from a convincing phishing site

Slide 6

Our Project Outline
We chose to test 6 FREE anti-phishing software tools available online
Made a spreadsheet of 500 legitimate/phishing sites
Ran each tool on each site to see whether it is detected as a phishing site
Wrote down results for each tool for each site
Anti-phishing tools used: AVG, IE SmartScreen, NetCraft, Comodo Verification Engine, SpoofStick, McAfee SiteAdvisor
Compiled results into the following categories for each tool: Banking, E-Commerce, E-mail, Entertainment, Gaming, Government, Hotel, Social Networking, Messenger, Other

Slide 7

Raw Data + Calculations
Initial Results Spreadsheet
Example analysis on SpoofStick taken from the banking category

Slide 8

Analysis of Results
None of the 6 tools indicated any false positives (saying it's a phishing site when it is not)
How we decided on the best tool for each category:
highest % verifying legitimate sites (excluding uncertain)
least % of false negatives
Best tool by category:
Banking: NetCraft - all legitimate verified, 8% false negative, 131 sites
E-commerce: NetCraft - all legitimate verified, 2% false negative

Slide 9

Analysis of Results
Education: NetCraft - 16 legitimate sites, 1 phishing site, only tool that recognized it as a phishing site
E-mail: NetCraft - caught 90% of phishing messages
Entertainment: NetCraft - found 8 of 9 phishing sites
Gaming: NetCraft - caught 96% of phishing sites
Government: McAfee SiteAdvisor - caught 100% of phishing sites and verified all legitimate
Hotels: NetCraft - caught 66% of phishing

Slide 10

Analysis of Results
Social Networking: NetCraft or McAfee SiteAdvisor - out of 92 sites (54 phishing, 38 legitimate) - still ~10 phishing not detected
Messenger: NetCraft or McAfee SiteAdvisor - only 8 sites analyzed, both returned with 1 false negative
Other: NetCraft - 20 sites, 1 false positive
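The per-category scoring described on slides 8 to 10, as an added example that is not part of the original presentation. The tool names, site counts and verdicts below are constructed, and two points are assumptions: an "uncertain" verdict counts as not verified (or not caught), and verification % is ranked before false negative %.

```python
from collections import defaultdict

def rows(category, tool, truth, verdicts):
    """Expand a space-separated verdict string into one record per site."""
    return [(category, tool, truth, v) for v in verdicts.split()]

# Constructed sample data; ToolA/ToolB are hypothetical, not the tested products.
RESULTS = (
    rows("Banking", "ToolA", "legitimate", "legitimate legitimate")
    + rows("Banking", "ToolA", "phishing", "phishing phishing phishing uncertain")
    + rows("Banking", "ToolB", "legitimate", "legitimate uncertain")
    + rows("Banking", "ToolB", "phishing", "phishing phishing phishing phishing")
    + rows("Gaming", "ToolA", "legitimate", "legitimate")
    + rows("Gaming", "ToolA", "phishing", "phishing legitimate")
    + rows("Gaming", "ToolB", "legitimate", "legitimate")
    + rows("Gaming", "ToolB", "phishing", "phishing phishing")
)

def score(results):
    """Return {(category, tool): metrics}, rates as percentages."""
    counts = defaultdict(lambda: dict(legit=0, verified=0, phish=0, missed=0, fp=0))
    for category, tool, truth, verdict in results:
        c = counts[(category, tool)]
        if truth == "legitimate":
            c["legit"] += 1
            c["verified"] += verdict == "legitimate"  # "uncertain" is not verified
            c["fp"] += verdict == "phishing"          # false positive
        else:
            c["phish"] += 1
            c["missed"] += verdict != "phishing"      # false negative
    return {
        key: {
            "verified_pct": 100.0 * c["verified"] / c["legit"] if c["legit"] else None,
            "fn_pct": 100.0 * c["missed"] / c["phish"] if c["phish"] else None,
            "false_positives": c["fp"],
        }
        for key, c in counts.items()
    }

def best_tool_by_category(results):
    """Pick the tool with the highest verified %, then the lowest FN %."""
    best = {}
    for (category, tool), m in sorted(score(results).items()):
        fn = m["fn_pct"] if m["fn_pct"] is not None else 100.0
        rank = (-(m["verified_pct"] or 0.0), fn, tool)
        if category not in best or rank < best[category][0]:
            best[category] = (rank, tool)
    return {category: tool for category, (_, tool) in best.items()}

if __name__ == "__main__":
    print(best_tool_by_category(RESULTS))
```

Keeping the false positive count alongside the two ranking criteria makes a result like the one reported for the "Other" category visible in the same table.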

Slide 11

Conclusions
After extensive experimentation, 3000 separate tests (500 sites using 6 tools), we found that:
Overall, NetCraft appears to be the best FREE anti-phishing tool available online http://toolbar.netcraft.com/introduce
Every tool except NetCraft and McAfee SiteAdvisor had a 100% false negative rate in at least 4 of the 11 categories; AVG had 100% FN in 7 categories
Comodo Verification Engine and SpoofStick could rarely verify any legitimate sites (marked as uncertain)

Slide 12

Future Work
We would like to have a more extensive legitimate/phishing spreadsheet of sites
We would like to continue adding the latest phishing sites reported by users on phishtank.com
We would like to test the following three tools:
Microsoft Anti-Phishing Filter Add-in
SpoofGuard
CallingID Toolbar

Slide 13

References
Websites to download our 6 tools:
NetCraft Anti-Phishing Toolbar http://toolbar.netcraft.com/introduce
AVG Free http://free.avg.com/us-en/landing page
IE SmartScreen www.microsoft.com/security/channels/smartscreen.aspx
Comodo Verification Engine http://www.snapfiles.com/Freeware/misctools/fwbrowson.html
SpoofStick http://www.snapfiles.com/Freeware/misctools/fwbrowson.html
McAfee SiteAdvisor http://www.snapfiles.com/Freeware/misctools/fwbrowson.html

Slide 14

References Cont...
We have also been using the following academic papers and online articles throughout our project:
"Why Phishing Works" by Rachna Dhamija, Marti Hearst, J. D. Tygar http://people.seas.harvard.edu/~rachna/papers/why_phishing_works.pdf
"Protecting Users Against Phishing Attacks" by Engin Kirda, Christopher Kruegel http://www.cs.ucsb.edu/~chris/explore/doc/cj06_phish.pdf
"Phishing Filters and Toolbars" by Mary Landesman http://antivirus.about.com/od/freeantivirussoftware/tp/phishingfilter.htm
"Phishing: A Primer on What Phishing is and How it Works" http://www.antiphishing.org/sponsors_technical_papers/DigiCert_Phishing_White_Paper.pdf
