International Journal of Computer Networks and Applications (IJCNA)

Published By EverScience Publications

ISSN : 2395-0455

International Journal of Computer Networks and Applications (IJCNA)

International Journal of Computer Networks and Applications (IJCNA)

Published By EverScience Publications

ISSN : 2395-0455

TabSecure: An Anti-Phishing Solution with Protection against Tabnabbing

Author NameAuthor Details

Priyanka Joshi, Madhumita Chatterjee

Priyanka Joshi[1]

Madhumita Chatterjee[2]

[1]Computer Engineering, PIIT, New Panvel, Mumbai University, India.

[2]Computer Engineering, PIIT, New Panvel, Mumbai University, India.

Abstract

With an upsurge in the use of internet, there are various attacks being launched every day. These attacks target the vulnerabilities of various computer resources, such as, the operating system, web browsers, toolbars, etc. along with the susceptibility of the users due to lack of awareness about the possible scams. The existing solutions suffer various drawbacks. The website phishing solutions fail when JavaScript is used in the webpage. The email phishing solution propose use of a special web browser instead of the existing popular ones, in order to secure the user from phishing emails. The tabnabbing solutions follow visual cues which are prone to false negatives. The proposed approach aims to resolve these issues and provides a solution to phishing through websites, email phishing and tabnabbing using web browser monitor and an email phishing detection module that uses Bayesian classifier, but in a way different from the way it was used in a solution proposed earlier. The system keeps sending popups to the user until the user closes the phishing page detected by the system, hence reducing the chance of the user getting masqueraded.

Index Terms

Phishing

Tabnabbing

Browser monitor

Deceptive phishing

Reference

  1. 1.
    Joe, M. Milton, B. Ramakrishnan ,“A Survey of Various Security Issues in Online Social Networks”, International Journal of Computer Networks and Applications Volume 1, Issue 1, November – December (2014).
  2. 2.
    2 Greg Aaron, Rod Rasmussen, “Phishing Activity Trends Report”, Anti-Phishing Work Group (APWG), November 2013.
  3. 3.
    Phishing Activity Trends Report, 2nd Quarter 2013.
  4. 4.
    Christine E. Drake, Jonathan J. Oliver, and Eugene J. Koontz, “Anatomy of a Phishing Email”, MailFrontier, Inc., 2005.
  5. 5.
    Gunter Ollmann, “The Phishing Guide Understanding & Preventing Phishing Attacks”, IBM Internet Security Systems, 2007.
  6. 6.
    Christian Ludl, Sean McAllister, Engin Kirda, Christopher Kruegel, “On the Effectiveness of Techniques to Detect Phishing Sites”, 2008.
  7. 7.
    Gunter Ollmann, “The Phishing Guide Understanding & Preventing Phishing Attacks”, IBM Internet Security Systems, 2007.
  8. 8.
    Phishing Activity Trends Report, 2nd Quarter 2013.
  9. 9.
    Engin Kirda, Christopher Kruegel, “Protecting Users Against Phishing Attacks with AntiPhish”, The Computer Journal, 2005.
  10. 10.
    Sophie Gastellier-Prevost, Gustavo Gonzalez Granadillo, and Maryline Laurent, “A dual approach to detect pharming attacks at the client-side”, IEEE 2011.
  11. 11.
    Aanchal Jain, Prof. Vineet Richariya, “Implementing a Web Browser with Phishing Detection Techniques”, World of Computer Science and Information Technology Journal (WCSIT), 2011.
  12. 12.
    Aza Raskin Tabnabbing: A New Type of Phishing Attack [ONLINE]. Available: http://www.azarask.in/blog/post/a-new-type-of-phishing-attack, accessed on: 12/02/2014
  13. 13.
    Rableen Kaur Suri, Deepak Singh Tomar, Divya Rishi Sahu, “An Approach To Perceive Tabnabbing Attack”, International Journal Of Scientific & Technology Research Volume 1, Issue 6, July 2012.
  14. 14.
    Philippe De Ryck, Nick Nikiforakis, Lieven Desmet, Wouter Joosen, “TabShots: Client-Side Detection of Tabnabbing Attacks”, ASIA CCS’13, May 8–10, 2013
  15. 15.
    Phishtank database [ONLINE]. Available: http://www.phishtank.com, accessed on: 20/01/2014.
  16. 16.
    Aza Raskin Tabnabbing: A New Type of Phishing Attack [ONLINE]. Available: http://www.azarask.in/blog/post/a-new-type-of-phishing-attack, accessed on: 12/02/2014
  17. 17.
    Christine E. Drake, Jonathan J. Oliver, and Eugene J. Koontz, “Anatomy of a Phishing Email”, MailFrontier, Inc., 2005.
IJCNA NPC