Anti-Phishing Software Presented by: Aaron Smalls, Michelle Mature, Devin Biggers
Overview • Background • Research • Motivation • Our Project Outline • Raw Data + Calculations • Analysis of our work • Conclusions • Future Work • Reference
Background • What is phishing? • Phishing is a form of online information or identity theft whose purpose is to acquire sensitive information, such as online banking credentials or credit card numbers, from individuals • It entices users to unknowingly hand over that sensitive information for the attacker's personal gain
Research We looked at the user study in the paper "Why Phishing Works" • 22 participants • 7 legitimate sites, 9 already-known phishing sites, 3 newly constructed phishing sites • The purpose of the experiment was explained to every participant • The best-designed phishing site fooled 90% of users • Results: • Browser alerts = ineffective • Pop-ups warning about fraud = ineffective • 25% were not familiar with anti-phishing software • Age, sex, experience, hours on the computer, and highest level of education = no advantage
Motivation • The most often misjudged phishing site was judged legitimate "based on content of the page and detail in design." • From January 1 to June 30, 2009 there were over 55,000 phishing attacks according to the Anti-Phishing Working Group • We realize that we can't rely on users alone to distinguish phishing sites from legitimate ones • People don't realize how much profit can come from a convincing phishing site
Our Project Outline • We decided to test 6 FREE anti-phishing software tools available online • Made a spreadsheet of 500 legitimate/phishing sites • Ran each tool against each site to see whether it was flagged as a phishing site • Recorded the result for each tool on each site • Anti-phishing tools used: • AVG, IE SmartScreen, NetCraft, Comodo Verification Engine, SpoofStick, McAfee SiteAdvisor • Compiled the results for each tool into the following categories: • Banking, E-Commerce, Education, E-mail, Entertainment, Gaming, Government, Hotel, Social Networking, Messenger, Other
Raw Data + Calculations • Initial Results Spreadsheet • Example Analysis on SpoofStick taken from banking category
Analysis of Results • None of the 6 tools showed any sign of false positives (flagging a site as phishing when it is legitimate) • How we decided on the best tool for each category: • greatest % of legitimate sites verified (an "unsure" verdict does not count as verified) • least % of false negatives (a phishing site the tool did not flag) • Best tool by category: • Banking: NetCraft - all legitimate sites verified, 8% false negatives, 131 sites • E-commerce: NetCraft - all legitimate sites verified, 2% false negatives
Analysis of Results • Education: NetCraft - 16 legit sites, 1 phishing site, only tool that recognized it as a phishing site • E-mail: NetCraft - caught 90% of phishing e-mails • Entertainment: NetCraft - caught 8 of 9 phishing sites • Gaming: NetCraft - caught 96% of phishing sites • Government: McAfee SiteAdvisor - caught 100% of phishing sites and verified all legit • Hotels: NetCraft - caught 66% of phishing
Analysis of Results • Social Networking: NetCraft or McAfee SiteAdvisor - out of 92 sites (54 phishing, 38 legit) - still ~ 10 phishing not detected • Messenger: NetCraft or McAfee SiteAdvisor - only 8 sites analyzed, both came back with 1 false negative • Other: NetCraft - 20 sites, 1 false positive
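The scoring procedure behind the project outline and the "best tool by category" rule above (highest percentage of legitimate sites verified, with "unsure" not counting as verification, then lowest false-negative rate) is easy to get subtly wrong when done by hand in a spreadsheet. The following script is an added example and is not the project's own code or data: the tool names (ToolA, ToolB, ToolC), the hostnames and every verdict are constructed. It also assumes, as the slides' definitions imply, that an "unsure" verdict on a phishing site counts as a false negative, since the site was not flagged.

```python
"""Score a per-tool, per-category phishing-detection comparison.

Each spreadsheet row is (category, site, is_phishing, tool, verdict), where
verdict is one of "legit", "phishing", "unsure".  The selection rule per
category follows the slides:
  1) highest share of legitimate sites verified as legit ("unsure" does not count),
  2) tie-break on the lowest false-negative rate (phishing sites not flagged).
"""
from collections import defaultdict

VERDICTS = ("legit", "phishing", "unsure")

# Constructed sample data: hypothetical tools and hostnames, not the project's
# real spreadsheet.  Per category: (legitimate sites, phishing sites).
SITES = {
    "Banking": (
        ["bank-one.example", "bank-two.example", "bank-three.example", "bank-four.example"],
        ["bank-one-login.example", "secure-bank-two.example",
         "bank-three-verify.example", "acct-update.example"],
    ),
    "E-Commerce": (
        ["shop-one.example", "shop-two.example"],
        ["shop-one-billing.example", "order-confirm.example", "shop-two-refund.example"],
    ),
}

# Verdicts listed in the same order as SITES: legitimate sites first, then phishing.
VERDICTS_BY_TOOL = {
    "Banking": {
        "ToolA": ["legit"] * 4 + ["phishing"] * 3 + ["unsure"],        # 1 miss (unsure)
        "ToolB": ["legit", "legit", "unsure", "unsure"] + ["phishing"] * 4,
        "ToolC": ["unsure"] * 8,                                        # never commits
    },
    "E-Commerce": {
        "ToolA": ["legit", "legit", "phishing", "unsure", "legit"],     # 2 misses
        "ToolB": ["legit", "legit", "phishing", "phishing", "phishing"],
        "ToolC": ["legit", "phishing", "phishing", "phishing", "phishing"],  # flags shop-two: FP
    },
}


def to_records(sites=SITES, verdicts=VERDICTS_BY_TOOL):
    """Flatten the tables into (category, site, is_phishing, tool, verdict) rows."""
    rows = []
    for category, (legit, phish) in sites.items():
        ordered = [(s, False) for s in legit] + [(s, True) for s in phish]
        for tool, vs in verdicts[category].items():
            if len(vs) != len(ordered):
                raise ValueError(f"{category}/{tool}: {len(vs)} verdicts for {len(ordered)} sites")
            rows.extend((category, s, p, tool, v) for (s, p), v in zip(ordered, vs))
    return rows


def score(records):
    """Per category and tool: raw counts plus the rates the slides compare."""
    stats = defaultdict(lambda: defaultdict(lambda: dict(
        legit_total=0, verified=0, false_positive=0, unsure_legit=0,
        phish_total=0, caught=0, false_negative=0)))
    for category, _site, is_phishing, tool, verdict in records:
        if verdict not in VERDICTS:
            raise ValueError(f"unknown verdict {verdict!r}")
        m = stats[category][tool]
        if is_phishing:
            m["phish_total"] += 1
            if verdict == "phishing":
                m["caught"] += 1
            else:                       # "legit" or "unsure": the phishing site was not flagged
                m["false_negative"] += 1
        else:
            m["legit_total"] += 1
            if verdict == "legit":
                m["verified"] += 1
            elif verdict == "phishing":
                m["false_positive"] += 1
            else:
                m["unsure_legit"] += 1  # not a false positive, but not verified either
    for tools in stats.values():
        for m in tools.values():
            m["verified_rate"] = m["verified"] / m["legit_total"] if m["legit_total"] else 0.0
            m["fp_rate"] = m["false_positive"] / m["legit_total"] if m["legit_total"] else 0.0
            m["fn_rate"] = m["false_negative"] / m["phish_total"] if m["phish_total"] else 0.0
    return {c: dict(t) for c, t in stats.items()}


def best_tool(category_stats):
    """Slide rule: highest verified-legit share first, then lowest false-negative rate."""
    return max(category_stats,
               key=lambda t: (category_stats[t]["verified_rate"], -category_stats[t]["fn_rate"]))


def best_by_category(stats):
    return {category: best_tool(tools) for category, tools in stats.items()}


def total_miss_count(stats):
    """Number of categories in which a tool missed every phishing site (100% FN)."""
    counts = {}
    for tools in stats.values():
        for tool, m in tools.items():
            counts.setdefault(tool, 0)
            if m["phish_total"] and m["fn_rate"] == 1.0:
                counts[tool] += 1
    return counts


if __name__ == "__main__":
    stats = score(to_records())
    for category, tools in stats.items():
        print(category)
        for tool, m in tools.items():
            print(f"  {tool:6s} verified {m['verified_rate']:.0%}  "
                  f"FP {m['fp_rate']:.0%}  FN {m['fn_rate']:.0%}")
        print(f"  best: {best_tool(tools)}")
    print("categories with 100% FN:", total_miss_count(stats))
```

In the constructed Banking data ToolB has the lower false-negative rate, but ToolA wins because the slides' first criterion is legitimate-site verification and ToolB left two legitimate banks "unsure"; that is exactly the trade-off the selection rule encodes, and the script makes it explicit rather than leaving it to a manual spreadsheet comparison.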
Conclusions • After extensive experimentation, 3000 separate tests (500 websites using 6 tools), we found that: • Overall, NetCraft seems to be the best FREE anti-phishing tool available online • http://toolbar.netcraft.com/install • Every tool except NetCraft and McAfee SiteAdvisor had a 100% false-negative rate in at least 4 of the 11 categories; AVG had 100% false negatives in 7 categories • Comodo Verification Engine and SpoofStick could rarely verify any legitimate site (marked as unsure)
Future Work • We would like to have a more extensive legit/phishing spreadsheet of sites • We would like to continue to add the latest phishing sites reported by users on phishtank.com • We would like to test the following three tools: • Microsoft Anti-Phishing Filter Add-in • SpoofGuard • CallingID Toolbar
References Websites to download our 6 tools: • NetCraft Anti-Phishing Toolbar http://toolbar.netcraft.com/install • AVG Free http://free.avg.com/us-en/homepage • IE SmartScreen www.microsoft.com/security/filters/smartscreen.aspx • Comodo Verification Engine http://www.snapfiles.com/Freeware/misctools/fwbrowson.html • SpoofStick http://www.snapfiles.com/Freeware/misctools/fwbrowson.html • McAfee SiteAdvisor http://www.snapfiles.com/Freeware/misctools/fwbrowson.html
References Cont... We have also been using the following academic papers and online articles throughout our project: "Why Phishing Works" By: Rachna Dhamija, Marti Hearst, J. D. Tygar http://people.seas.harvard.edu/~rachna/papers/why_phishing_works.pdf "Protecting Users Against Phishing Attacks" By: Engin Kirda, Christopher Kruegel http://www.cs.ucsb.edu/~chris/research/doc/cj06_phish.pdf "Phishing Filters and Toolbars" By: Mary Landesman http://antivirus.about.com/od/freeantivirussoftware/tp/phishingfilter.htm "Phishing: A Primer on What Phishing is and How it Works" http://www.antiphishing.org/sponsors_technical_papers/DigiCert_Phishing_White_Paper.pdf