ISU Electrical and Computer Engineering Archives

Techniques for detecting zero day phishing websites

Blasi, Michael (2009) Techniques for detecting zero day phishing websites. Masters thesis, Iowa State University.

Full text available as:

PDF - Requires Adobe Acrobat Reader or other PDF viewer.

Abstract

Phishing is a means of obtaining confidential information through fraudulent web sites that appear to be legitimate. There are many phishing detection techniques available, but current practices leave much to be desired. A central problem is that web browsers rely on a black list of known phishing sites, but some phishing sites have a lifespan as short as a few hours. A faster recognition system is needed by the web browser to identify zero day phishing sites which are new phishing sites that have not yet been discovered. This research improves upon techniques used by popular anti-phishing software and introduces a new method of detecting fraudulent web pages using cascading style sheets (CSS). Current phishing detection techniques are examined and a new detection method is implemented and evaluated against hundreds of known phishing sites.

EPrint Type:Thesis (Masters)
Uncontrolled Keywords:phishing, identity theft, web security, online fraud
Subjects:Computer Engineering > INFORMATION SYSTEMS SECURITY & NETWORKING > Information Assurance
Computer Engineering > INFORMATION SYSTEMS SECURITY & NETWORKING > Computer Networking and Security
ID Code:498
Identification Number:Identification Number UNSPECIFIED
Deposited By:Michael Blasi
Deposited On:20 June 2009

Archive Staff Only: edit this record