Decisive heuristics to differentiate legitimate from phishing sites

Sophie Gastellier-Prevost; Gustavo Gonzalez Granadillo; Maryline Laurent

doi:10.1109/SAR-SSI.2011.5931389

Decisive heuristics to differentiate legitimate from phishing sites

Sophie Gastellier-Prevost
, Gustavo Gonzalez Granadillo
, Maryline Laurent

CNRS SAMOVAR UMR 5157

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Phishing attacks are a major concern for preserving Internet users privacy, especially when most of them lead to financial data theft by combining both social engineering and spoofing techniques. As blacklists are not the most effective in detecting phishing sites because of their short lifetime, heuristics appears as a privileged way at time 0. Several previous studies discussed the different types of phishing characteristics that can help defining heuristics tests, as well as comparing them to blacklists. In our paper, we studied heuristics using a different approach. Based on the characteristics of phishing URLs and webpages, we defined 20 heuristics tests and implemented them in our own active anti-phishing toolbar (Phishark). Then, we tested the heuristics effectiveness and determined which heuristics are decisive to differentiate legitimate from phishing sites.

Original language	English
Title of host publication	2011 Conference on Network and Information Systems Security, SAR-SSI 2011, Proceedings
DOIs	https://doi.org/10.1109/SAR-SSI.2011.5931389
Publication status	Published - 1 Aug 2011
Externally published	Yes
Event	2011 Conference on Network and Information Systems Security, SAR-SSI 2011 - Ile de Re, La Rochelle, France Duration: 18 May 2011 → 21 May 2011

Publication series

Name	2011 Conference on Network and Information Systems Security, SAR-SSI 2011, Proceedings

Conference

Conference	2011 Conference on Network and Information Systems Security, SAR-SSI 2011
Country/Territory	France
City	Ile de Re, La Rochelle
Period	18/05/11 → 21/05/11

Access to Document

10.1109/SAR-SSI.2011.5931389

Cite this

Gastellier-Prevost, S., Granadillo, G. G., & Laurent, M. (2011). Decisive heuristics to differentiate legitimate from phishing sites. In 2011 Conference on Network and Information Systems Security, SAR-SSI 2011, Proceedings Article 5931389 (2011 Conference on Network and Information Systems Security, SAR-SSI 2011, Proceedings). https://doi.org/10.1109/SAR-SSI.2011.5931389

@inproceedings{389d14b9626a4d70b003a29f10aa154f,

title = "Decisive heuristics to differentiate legitimate from phishing sites",

abstract = "Phishing attacks are a major concern for preserving Internet users privacy, especially when most of them lead to financial data theft by combining both social engineering and spoofing techniques. As blacklists are not the most effective in detecting phishing sites because of their short lifetime, heuristics appears as a privileged way at time 0. Several previous studies discussed the different types of phishing characteristics that can help defining heuristics tests, as well as comparing them to blacklists. In our paper, we studied heuristics using a different approach. Based on the characteristics of phishing URLs and webpages, we defined 20 heuristics tests and implemented them in our own active anti-phishing toolbar (Phishark). Then, we tested the heuristics effectiveness and determined which heuristics are decisive to differentiate legitimate from phishing sites.",

author = "Sophie Gastellier-Prevost and Granadillo, \{Gustavo Gonzalez\} and Maryline Laurent",

year = "2011",

month = aug,

day = "1",

doi = "10.1109/SAR-SSI.2011.5931389",

language = "English",

isbn = "9781457707377",

series = "2011 Conference on Network and Information Systems Security, SAR-SSI 2011, Proceedings",

booktitle = "2011 Conference on Network and Information Systems Security, SAR-SSI 2011, Proceedings",

note = "2011 Conference on Network and Information Systems Security, SAR-SSI 2011 ; Conference date: 18-05-2011 Through 21-05-2011",

}

Gastellier-Prevost, S, Granadillo, GG & Laurent, M 2011, Decisive heuristics to differentiate legitimate from phishing sites. in 2011 Conference on Network and Information Systems Security, SAR-SSI 2011, Proceedings., 5931389, 2011 Conference on Network and Information Systems Security, SAR-SSI 2011, Proceedings, 2011 Conference on Network and Information Systems Security, SAR-SSI 2011, Ile de Re, La Rochelle, France, 18/05/11. https://doi.org/10.1109/SAR-SSI.2011.5931389

Decisive heuristics to differentiate legitimate from phishing sites. / Gastellier-Prevost, Sophie; Granadillo, Gustavo Gonzalez; Laurent, Maryline.
2011 Conference on Network and Information Systems Security, SAR-SSI 2011, Proceedings. 2011. 5931389 (2011 Conference on Network and Information Systems Security, SAR-SSI 2011, Proceedings).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Decisive heuristics to differentiate legitimate from phishing sites

AU - Gastellier-Prevost, Sophie

AU - Granadillo, Gustavo Gonzalez

AU - Laurent, Maryline

PY - 2011/8/1

Y1 - 2011/8/1

N2 - Phishing attacks are a major concern for preserving Internet users privacy, especially when most of them lead to financial data theft by combining both social engineering and spoofing techniques. As blacklists are not the most effective in detecting phishing sites because of their short lifetime, heuristics appears as a privileged way at time 0. Several previous studies discussed the different types of phishing characteristics that can help defining heuristics tests, as well as comparing them to blacklists. In our paper, we studied heuristics using a different approach. Based on the characteristics of phishing URLs and webpages, we defined 20 heuristics tests and implemented them in our own active anti-phishing toolbar (Phishark). Then, we tested the heuristics effectiveness and determined which heuristics are decisive to differentiate legitimate from phishing sites.

AB - Phishing attacks are a major concern for preserving Internet users privacy, especially when most of them lead to financial data theft by combining both social engineering and spoofing techniques. As blacklists are not the most effective in detecting phishing sites because of their short lifetime, heuristics appears as a privileged way at time 0. Several previous studies discussed the different types of phishing characteristics that can help defining heuristics tests, as well as comparing them to blacklists. In our paper, we studied heuristics using a different approach. Based on the characteristics of phishing URLs and webpages, we defined 20 heuristics tests and implemented them in our own active anti-phishing toolbar (Phishark). Then, we tested the heuristics effectiveness and determined which heuristics are decisive to differentiate legitimate from phishing sites.

UR - https://www.scopus.com/pages/publications/79960800504

U2 - 10.1109/SAR-SSI.2011.5931389

DO - 10.1109/SAR-SSI.2011.5931389

M3 - Conference contribution

AN - SCOPUS:79960800504

SN - 9781457707377

T3 - 2011 Conference on Network and Information Systems Security, SAR-SSI 2011, Proceedings

BT - 2011 Conference on Network and Information Systems Security, SAR-SSI 2011, Proceedings

T2 - 2011 Conference on Network and Information Systems Security, SAR-SSI 2011

Y2 - 18 May 2011 through 21 May 2011

ER -

Decisive heuristics to differentiate legitimate from phishing sites

Abstract

Publication series

Conference

Access to Document

Other files and links

Fingerprint

Cite this