Welcome to the InfoSci Platform
A Multistage Framework to Defend Against Phishing Attacks

A Multistage Framework to Defend Against Phishing Attacks

Madhusudhanan Chandrasekaran, Shambhu Upadhyaya
Copyright: © 2012 |Pages: 18
ISBN13: 9781613503232|ISBN10: 1613503237|EISBN13: 9781613503249
DOI: 10.4018/978-1-61350-323-2.ch203
Cite Chapter Cite Chapter

MLA

Chandrasekaran, Madhusudhanan, and Shambhu Upadhyaya. "A Multistage Framework to Defend Against Phishing Attacks." Cyber Crime: Concepts, Methodologies, Tools and Applications, edited by Information Resources Management Association, IGI Global, 2012, pp. 245-262. https://doi.org/10.4018/978-1-61350-323-2.ch203

APA

Chandrasekaran, M. & Upadhyaya, S. (2012). A Multistage Framework to Defend Against Phishing Attacks. In I. Management Association (Ed.), Cyber Crime: Concepts, Methodologies, Tools and Applications (pp. 245-262). IGI Global. https://doi.org/10.4018/978-1-61350-323-2.ch203

Chicago

Chandrasekaran, Madhusudhanan, and Shambhu Upadhyaya. "A Multistage Framework to Defend Against Phishing Attacks." In Cyber Crime: Concepts, Methodologies, Tools and Applications, edited by Information Resources Management Association, 245-262. Hershey, PA: IGI Global, 2012. https://doi.org/10.4018/978-1-61350-323-2.ch203

Export Reference

Mendeley
Favorite

Abstract

Phishing scams pose a serious threat to end-users and commercial institutions alike. E-mail continues to be the favorite vehicle to perpetrate such scams, mainly due to its widespread use combined with the ability to easily spoof them. Several approaches, both generic and specialized, have been proposed to address this growing problem. However, phishing techniques, growing in ingenuity as well as sophistication, render these solutions weak. To overcome these limitations, we propose a multistage framework – the first stage aims at detecting phishing based on their semantic and structural properties, whereas in the second stage we propose a proactive technique based on a challenge-response technique to establish the authenticity of a Web site. Using live e-mail data, we demonstrate that our approach with these two stages is able to detect a wider range of phishing attacks than existing schemes. Also, our performance analysis study shows that the implementation overhead introduced by our tool is negligibly small.

Request Access

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.