Phishing Attack Case Study

4740 Words19 Pages
www.ijraset.com Vol. 2 Issue IX, September 2014
ISSN: 2321-9653
INTERNATIONAL JOURNAL FOR RESEARCH IN AP PL I ED SC I ENC E AND
ENGINEERING TECHNOLO GY (IJRAS ET)
Page 92
A rule based approach for detecting
Phishing attacks
Vivek Shukla
1
, Mahendra Kumar Rai2
1,2 M.E.(CSE), HOD(IT)
(S.R.I.T.) Jabalpur (M.P)
Abstract: Phishing attacks are one of the emerging serious threats against personal data security. These attacks are often performed by sending out emails that seem to originate from a trusted party. The objective is to deceive the recipient to release sensitive information such as usernames, passwords, banking details, or credentials. The aim of phishing is to steal a user’s identity in order to make fraudulent transactions as if the Phisher
…show more content…
Business refers to the business from which the email supposedly has been sent. LoginURL refers to the URL within the email that the recipient should use to access the business’ login page. The rules fall into the following general categories:
(1) Identification and analysis of the login URL in the email
(2) Analysis of the email headers
(3) Analysis across URLs and images in the email
(4) Determining if the URL is accessible
These rules are:
Rule 1: If the email appears (based on search engine results) to not be directing the recipient to the actual login page for the business, the result is positive. Rule 2: In HTML formatted emails, if a URL displayed to the recipient uses TLS, it is compared to the URL in the HREF tag. If the URL in the tag does not use TLS , the result is positive. Rule 3: If the login URL is referenced as a raw IP address instead of a domain name, the result is positive. Rule 4: If the business name appears in the login URL, but not in the domain portion, the result is positive. www.ijraset.com Vol. 2 Issue IX, September 2014
ISSN: 2321-9653
INTERNATIONAL JOURNAL FOR RESEARCH IN AP PL I ED SC I ENC E AND
ENGINEERING TECHNOLO GY (IJRAS
…show more content…
These sources could take the form of web services, or other tagged resources, to provide additional information to the decision making process. many phishing attacks include copies of corporate logos, and if one could map a logo back to its legitimate owner’s website, that would be valuable information in determining the authenticity of a website or email displaying that logo. As image sharing and tagging services such as Flickr [29] are increasing in use, it is not unreasonable to think that some day in the near future, one might actually be able to search with an image and get back a description as a result. There are a number of emerging technologies that could greatly assist phishing classification that we have not considered. For instance, Sender ID Framework (SIDF) [19] and DomainKeys
[28], along with other such sender authentication technologies, www.ijraset.com Vol. 2 Issue IX, September 2014
ISSN: 2321-9653
INTERNATIONAL JOURNAL FOR RESEARCH IN AP PL I ED SC I ENC E AND
ENGINEERING TECHNOLO GY (IJRAS ET)
Page 99 should help to both reduce false positives and make detection of spoofed senders much simplerin the time to come.

More about Phishing Attack Case Study

Open Document