Vinod_ppt


  • 7/28/2019 Vinod_ppt


    Fishing = Phishing


    Anti-Phishing and Online Detecti

    By

    V. Vinod Kumar

    [09BK1A0557]

    CSE Department

    St. Peters Engg colleg


    What is Phishing?????

    The word Phishing emerged in 1990s.

    Phishing is a new word produced from `fishing', it refers to

    that the attacker allure users to visit a faked Web site by se

    them faked e-mails (or instant messages)

    Phishing is a type of deception designed to steal your vapersonal data, such as credit card numbers, passwords, accoun

    or other information.

    Phishing is part of Social Engineering.


    Why they Phish?

    Phishing is about playing the odds

    Simple to do and high gain for little work

    No real knowledge necessary

    4.5 people out of 10 fall for it. (ZDNet)

    Most Phishing is for financial gain

    Some do it to spread malicious programs

    that in turn carry out other attacks


    History of Phishing

    Phreaking + Fishing = Phishing

    Phreaking = making phone calls for free back in the 70s

    Fishing = Use bait to lure the target

    Phishing in 1995

    Target: AOL users

    Purpose: getting account passwords for free

    time

    Threat level: low

    Techniques: Similar names (www.ao1.com for www.aol.com), social engineering

    Phishing in 200

    Target: Ebayers and major ban

    Purpose: getting credit card nu

    Threat level: medium

    Techniques: Same in 1995, ke

    Phishing in 2007

    Target: Paypal, banks, ebay

    Purpose: bank accounts

    Threat level: high

    Techniques: browser vulnerab

    obfuscation


    How they Phish?

    Web based attacks (XSS, Droppers, Malware, Fake sites,

    Forums, Compromised sites, Social Media).

    Email Programs / Open Relays

    Tor for anonymity

    Crazy Browser


    Web Based Phishing Attacks

    Attackers use

    Forums: Posting malicious URLs, XSS

    Fake domains: PayPal vs. PayPaI


    The Procedure of Phishing Attacks

    Phishing attacks are performed with the following four steps:

    1) Phishers set up a counterfeited website which looks exactly like the

    website.

    2) Send large amount of spoofed e-mails to target users in the nam

    legitimate companies and organizations.

    3) Receivers receive the e-mail, open it, click the spoofed hyperlinmail, and input the required information.

    4) Phishers steal the personal information and perform their fraud activ


    Approaches to Prevent Phishing Attacks

    There are several (technical or non-technical) ways to prevent phishing a

    1) Educate users to understand how phishing attacks work and be alephishing-alike e-mails are received;

    2) Use legal methods to punish phishing attackers;

    3) Use technical methods to stop phishing attackers. In this paper,

    focus on the third one.


    Existing System

    1) Detect and block the phishing Web sites in time

    2) Enhance the security of the web sites

    3) Block the phishing e-mails by various spam filters

    4) Install online anti-phishing software in users' computers


    Proposed System

    i) Classification of the hyperlinks in the phishing e-mails

    ii) Link guard algorithm

    iii) Link guard implemented client

    iv) Feasibility study


    How to Detect Phishing?

    Bad grammar

    Generic Salutations

    Account Information Requests / Threats

    from companies you don't use.

    Mail Headers

    Hovering over links / Long URL Service

    Unknown senders


    How to Avoid Phishing

    Don't Click The Link

    Type the site name in your browser (such as www.paypal.com)

    Never send sensitive account information by e-mail

    Account numbers, SSN, passwords

    Never give any password out to anyone

    Verify any person who contacts you (phone or email).

    If someone calls you on a sensitive topic, thank them, hang upthem back using a number that you know is correct, like frcredit card or statement.


    Architecture of LinkGuard


    The Link Guard algorithm

    LinkGuard works by analyzing the differences between the visualthe actual link. It also calculates the similarities of a URI with

    trusted site.

    The following terminologies are used in the algorithm

    v_link: visual link;

    a_link: actual_link;

    v_dns: visual DNS name;

    a_dns: actual DNS name;

    sender_dns: sender's DNS name.

    int LinkGuard(v_link, a_link)
    {
        v_dns = GetDNSName(v_link);
        a_dns = GetDNSName(a_link);
        if ((v_dns and a_dns are not empty) and (v_dns != a_dns))
            return PHISHING;
        if (a_dns is dotted decimal)
            return POSSIBLE_PHISHING;
        if (a_link or v_link is encoded)
        {
            v_link2 = decode(v_link);
            a_link2 = decode(a_link);
            return LinkGuard(v_link2, a_link2);
        }
        if (v_dns is NULL)
            return AnalyzeDNS(a_link);
    }

    int AnalyzeDNS(actual_link)
    {
        /* actual_dns is the DNS name of actual_link */
        if (actual_dns in blacklist) return PHISHING;
        if (actual_dns in whitelist) return NOTPHISHING;
        return PatternMatching(actual_link);
    }
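
    The LinkGuard decision flow above as runnable Python, added here as an example; it is not the authors' Windows XP implementation. The sample lists, the similarity test inside `pattern_matching`, and the verdict returned when the visual and actual hosts agree are assumptions, since the slides do not specify them.

```python
import ipaddress
import re
from difflib import SequenceMatcher
from urllib.parse import unquote, urlsplit

PHISHING, POSSIBLE_PHISHING, NOTPHISHING = "PHISHING", "POSSIBLE_PHISHING", "NOTPHISHING"
# Constructed sample lists (assumption); a deployment would load curated ones.
BLACKLIST = {"login.phish.example"}
WHITELIST = {"www.aol.com", "www.paypal.com"}
ENCODED = re.compile(r"%[0-9a-fA-F]{2}")

def get_dns_name(link):
    """Host part of a link, or None when the text names no host ('Click here')."""
    text = (link or "").strip()
    if not re.match(r"[a-z][a-z0-9+.-]*://", text, re.I):
        if not re.fullmatch(r"[\w.%-]+\.[\w%]{2,}(/\S*)?", text):
            return None
        text = "http://" + text
    return urlsplit(text).hostname or None

def is_dotted_decimal(host):
    try:
        ipaddress.IPv4Address(host)
        return True
    except ValueError:
        return False

def pattern_matching(a_dns, threshold=0.8):
    """Stand-in similarity test (assumption): a near miss of a trusted name is suspicious."""
    best = max(SequenceMatcher(None, a_dns, w).ratio() for w in WHITELIST)
    return POSSIBLE_PHISHING if best >= threshold else NOTPHISHING

def analyze_dns(a_dns):
    if a_dns in BLACKLIST:
        return PHISHING
    if a_dns in WHITELIST:
        return NOTPHISHING
    return pattern_matching(a_dns)

def link_guard(v_link, a_link):
    v_dns, a_dns = get_dns_name(v_link), get_dns_name(a_link)
    if v_dns and a_dns and v_dns != a_dns:
        return PHISHING
    if a_dns and is_dotted_decimal(a_dns):
        return POSSIBLE_PHISHING
    if ENCODED.search(v_link) or ENCODED.search(a_link):
        return link_guard(unquote(v_link), unquote(a_link))  # each pass shortens the input
    if not a_dns:
        return NOTPHISHING  # assumption: no host in the actual link to judge
    # The slides call AnalyzeDNS only when v_dns is NULL; running it when the
    # hosts agree as well is an assumption so that every path returns a verdict.
    return analyze_dns(a_dns)
```
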

    Working is as follows


    Statistical Info


    From: Customer Support [mailto:[email protected]]

    Sent: Thursday, October 07, 2004 7:53 PM

    To: Eilts

    Subject: NOTE! Citibank account suspend in process

    Dear Customer:

    Recently there have been a large number of cyber attacks pointing our database servers

    to safeguard your account, we require you to sign on immediately. This personal check is

    you as a precautionary measure and to ensure yourselves that everything is normal with

    and personal information. This process is mandatory, and if you did not sign on within the

    your account may be subject to temporary suspension. Please make sure you have your

    debit card number and your User ID and Password at hand. Please use our secure c

    to indicate that you have signed on, please click the link bellow:http://211.158.34.249/cwe have no particular indications that your details have been compromised in any way. T

    your prompt attention to this matter and thank you for using Citibank(R)

    Regards,

    Citibank(R) Card Department

    (C)2004 Citibank. Citibank, N.A., Citibank, F.S.B.,

    Citibank (West), FSB. Member FDIC.Citibank and Arc

    Example of Phishing

    http://211.158.34.249/citifi/

    Conclusion

    Phishing has become a serious network security problemfinancial loss of billions of dollars to both consumers and e-c

    companies.

    Fundamentally, phishing has made e-commerce distrusted

    attractive to normal consumers.

    We have discussed the characteristics of the hyperlinks that were ein phishing e-mails.

    We have implemented LinkGuard for Windows XP. Our ex

    showed that LinkGuard is lightweight and can detect up to 96%

    phishing attacks in real-time.


    Any Queries ????