MA work completed: Holistic Approach to detect Phishing Websites

Author: Marco Madritsch

Supervisor: Peter Schartner (AINF/syssec)

In cooperation with: Marcus Hassler (econob)

A phishing attack attempts to encourage the victim to reveal sensitive information by the use of fake massages and manipulated websites. This thesis deals with the conception and prototypical development of a holistic approach in order to detect phishing websites. The architecture consists of a client-side browser extension for Mozilla Firefox and a server-side RESTful web service (see Figure 1). The implemented analysis process comprises a total of six superordinate analysis steps and evaluates a website on the one hand on the basis of certain heuristics and on the other hand on the basis of a classifier and the individual surfing behavior pattern of the respective user. The results of the prototype evaluation showed an accuracy of 84.17{c8db3f4443fb2f1c80e20e2e8420a201d47393e6b007c83f4847286f4b955a35}, with a sensitivity of 78.13{c8db3f4443fb2f1c80e20e2e8420a201d47393e6b007c83f4847286f4b955a35} and a specificity of 90.22{c8db3f4443fb2f1c80e20e2e8420a201d47393e6b007c83f4847286f4b955a35}.

Figure 1: Architecture of the Anti-Phishing Concept

Contact Person: Peter Schartner

Der Beitrag MA work completed: Holistic Approach to detect Phishing Websites erschien zuerst auf Alpen-Adria-Universität Klagenfurt.

Source: AAU TEWI