A novel anti-phishing framework based on honeypots
Dateien
Datum
Autor:innen
Herausgeber:innen
ISSN der Zeitschrift
Electronic ISSN
ISBN
Bibliografische Daten
Verlag
Schriftenreihe
Auflagebezeichnung
URI (zitierfähiger Link)
DOI (zitierfähiger Link)
Internationale Patentnummer
Link zur Lizenz
Angaben zur Forschungsförderung
Projekt
Open Access-Veröffentlichung
Core Facility der Universität Konstanz
Titel in einer weiteren Sprache
Publikationstyp
Publikationsstatus
Erschienen in
Zusammenfassung
As a powerful anti-phishing tool, honeypots have been widely used by security service providers and financial institutes to collect phishing mails, so that new phishing sites can be earlier detected and quickly shut down. Another popular use of honeypots is to collect useful information about phishers' activities, which is used to make various kinds of statistics for the purposes of research and forensics. Recently, it has also been proposed to actively feed phishers with honeytokens. In the present paper, we discuss some problems of existing anti-phishing solutions based on honeypots. We propose to overcome these problems by transforming the real e-banking system itself into a honeypot equipped with honeytokens and supported by some other kinds of honeypots. A phishing detector is used to automatically detect suspicious phishers' attempts of stealing money from victims' accounts, and then ask for the potential victims' reconfirmation. This leads to a novel anti-phishing framework based on honeypots. As an indispensable part of the framework, we also propose to use phoneybots, i.e., active honeypots running in virtual machines and mimicking real users' behavior to access the real e-banking system automatically, in order to submit honeytokens to pharmers and phishing malware. The involvement of phoneybots is crucial to fight against advanced phishing attacks such as pharming and malware-based phishing attacks.
Zusammenfassung in einer weiteren Sprache
Fachgebiet (DDC)
Schlagwörter
Konferenz
Rezension
Zitieren
ISO 690
LI, Shujun, Roland SCHMITZ, 2009. A novel anti-phishing framework based on honeypots. 2009 eCrime Researchers Summit (eCRIME). Tacoma, WA, USA, 20. Sept. 2009 - 21. Okt. 2009. In: 2009 eCrime Researchers Summit. IEEE, 2009, pp. 1-13. ISBN 978-1-4244-4625-4. Available under: doi: 10.1109/ECRIME.2009.5342609BibTex
@inproceedings{Li2009-10novel-6020, year={2009}, doi={10.1109/ECRIME.2009.5342609}, title={A novel anti-phishing framework based on honeypots}, isbn={978-1-4244-4625-4}, publisher={IEEE}, booktitle={2009 eCrime Researchers Summit}, pages={1--13}, author={Li, Shujun and Schmitz, Roland} }
RDF
<rdf:RDF xmlns:dcterms="http://purl.org/dc/terms/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:bibo="http://purl.org/ontology/bibo/" xmlns:dspace="http://digital-repositories.org/ontologies/dspace/0.1.0#" xmlns:foaf="http://xmlns.com/foaf/0.1/" xmlns:void="http://rdfs.org/ns/void#" xmlns:xsd="http://www.w3.org/2001/XMLSchema#" > <rdf:Description rdf:about="https://kops.uni-konstanz.de/server/rdf/resource/123456789/6020"> <dcterms:bibliographicCitation>First publ. in: eCrime Researchers Summit, 2009 : eCRIME '09 , Proceedings of 4th Annual APWG [Oct. 20-21, 2009, Tacoma,Washington]. Piscataway, NJ : IEEE, 2009. pp. 1 - 13</dcterms:bibliographicCitation> <dc:creator>Schmitz, Roland</dc:creator> <dcterms:available rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2011-03-24T16:08:47Z</dcterms:available> <dspace:isPartOfCollection rdf:resource="https://kops.uni-konstanz.de/server/rdf/resource/123456789/52"/> <dcterms:hasPart rdf:resource="https://kops.uni-konstanz.de/bitstream/123456789/6020/1/Li_2_APWG_eCRS2009.pdf"/> <dc:language>eng</dc:language> <dspace:hasBitstream rdf:resource="https://kops.uni-konstanz.de/bitstream/123456789/6020/1/Li_2_APWG_eCRS2009.pdf"/> <dcterms:issued>2009-10</dcterms:issued> <dcterms:rights rdf:resource="https://rightsstatements.org/page/InC/1.0/"/> <dcterms:title>A novel anti-phishing framework based on honeypots</dcterms:title> <dc:contributor>Schmitz, Roland</dc:contributor> <dc:contributor>Li, Shujun</dc:contributor> <foaf:homepage rdf:resource="http://localhost:8080/"/> <dcterms:isPartOf rdf:resource="https://kops.uni-konstanz.de/server/rdf/resource/123456789/36"/> <dspace:isPartOfCollection rdf:resource="https://kops.uni-konstanz.de/server/rdf/resource/123456789/36"/> <dc:date rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2011-03-24T16:08:47Z</dc:date> <dc:rights>terms-of-use</dc:rights> <void:sparqlEndpoint rdf:resource="http://localhost/fuseki/dspace/sparql"/> <dcterms:isPartOf rdf:resource="https://kops.uni-konstanz.de/server/rdf/resource/123456789/52"/> <dcterms:abstract xml:lang="eng">As a powerful anti-phishing tool, honeypots have been widely used by security service providers and financial institutes to collect phishing mails, so that new phishing sites can be earlier detected and quickly shut down. Another popular use of honeypots is to collect useful information about phishers' activities, which is used to make various kinds of statistics for the purposes of research and forensics. Recently, it has also been proposed to actively feed phishers with honeytokens. In the present paper, we discuss some problems of existing anti-phishing solutions based on honeypots. We propose to overcome these problems by transforming the real e-banking system itself into a honeypot equipped with honeytokens and supported by some other kinds of honeypots. A phishing detector is used to automatically detect suspicious phishers' attempts of stealing money from victims' accounts, and then ask for the potential victims' reconfirmation. This leads to a novel anti-phishing framework based on honeypots. As an indispensable part of the framework, we also propose to use phoneybots, i.e., active honeypots running in virtual machines and mimicking real users' behavior to access the real e-banking system automatically, in order to submit honeytokens to pharmers and phishing malware. The involvement of phoneybots is crucial to fight against advanced phishing attacks such as pharming and malware-based phishing attacks.</dcterms:abstract> <dc:format>application/pdf</dc:format> <dc:creator>Li, Shujun</dc:creator> <bibo:uri rdf:resource="http://kops.uni-konstanz.de/handle/123456789/6020"/> </rdf:Description> </rdf:RDF>