SpoofCatch: A Client-Side Protection Tool Against Phishing Attacks

To protect against web spoofing attacks, most antiphishing solutions in the literature either escape certain attack patterns or are based on complex sets of parameters to identify phishing attacks or suffer from both. In this article, we propose that phishing attacks can be prevented by simply relyi...

Full description

Saved in:
Bibliographic Details
Published in:IT professional 2021-03, Vol.23 (2), p.65-74
Main Authors: Khan, Wilayat, Ahmad, Aakash, Qamar, Aamir, Kamran, Muhammad, Altaf, Muhammad
Format: Article
Language:English
Subjects:
Algorithms
Computer science
Contacts
Parameter identification
Phishing
Signal processing
Similarity
Spoofing
Visualization
Web pages
Websites
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:To protect against web spoofing attacks, most antiphishing solutions in the literature either escape certain attack patterns or are based on complex sets of parameters to identify phishing attacks or suffer from both. In this article, we propose that phishing attacks can be prevented by simply relying on an overall visual appearance of the web page that the user sees. To realize our claim, we propose a client-side protection mechanism based on visual similarity of web pages and implement our mechanism as a browser extension, dubbed SpoofCatch. For similarity comparison between genuine and phished web pages, four similarity algorithms have been implemented and integrated in the extension. To evaluate the solution, large scale and extensive experiments have been conducted that demonstrate SpoofCatch can capture all phishing attacks with acceptable overhead.
ISSN:1520-9202
1941-045X
DOI:10.1109/MITP.2020.3006477