Publikation:

A novel anti-phishing framework based on honeypots

Lade...
Vorschaubild

Dateien

Li_2_APWG_eCRS2009.pdf
Li_2_APWG_eCRS2009.pdfGröße: 4.46 MBDownloads: 2506

Datum

2009

Autor:innen

Schmitz, Roland

Herausgeber:innen

Kontakt

ISSN der Zeitschrift

Electronic ISSN

ISBN

Bibliografische Daten

Verlag

Schriftenreihe

Auflagebezeichnung

ArXiv-ID

Internationale Patentnummer

Angaben zur Forschungsförderung

Projekt

Open Access-Veröffentlichung
Open Access Green
Core Facility der Universität Konstanz

Gesperrt bis

Titel in einer weiteren Sprache

Publikationstyp
Beitrag zu einem Konferenzband
Publikationsstatus
Published

Erschienen in

2009 eCrime Researchers Summit. IEEE, 2009, pp. 1-13. ISBN 978-1-4244-4625-4. Available under: doi: 10.1109/ECRIME.2009.5342609

Zusammenfassung

As a powerful anti-phishing tool, honeypots have been widely used by security service providers and financial institutes to collect phishing mails, so that new phishing sites can be earlier detected and quickly shut down. Another popular use of honeypots is to collect useful information about phishers' activities, which is used to make various kinds of statistics for the purposes of research and forensics. Recently, it has also been proposed to actively feed phishers with honeytokens. In the present paper, we discuss some problems of existing anti-phishing solutions based on honeypots. We propose to overcome these problems by transforming the real e-banking system itself into a honeypot equipped with honeytokens and supported by some other kinds of honeypots. A phishing detector is used to automatically detect suspicious phishers' attempts of stealing money from victims' accounts, and then ask for the potential victims' reconfirmation. This leads to a novel anti-phishing framework based on honeypots. As an indispensable part of the framework, we also propose to use phoneybots, i.e., active honeypots running in virtual machines and mimicking real users' behavior to access the real e-banking system automatically, in order to submit honeytokens to pharmers and phishing malware. The involvement of phoneybots is crucial to fight against advanced phishing attacks such as pharming and malware-based phishing attacks.

Zusammenfassung in einer weiteren Sprache

Fachgebiet (DDC)
004 Informatik

Schlagwörter

phishing, honeypot, honeytoken, phoneypot, phoneytoken, phoneybot, online banking, money mule

Konferenz

2009 eCrime Researchers Summit (eCRIME), 20. Sept. 2009 - 21. Okt. 2009, Tacoma, WA, USA
Rezension
undefined / . - undefined, undefined

Forschungsvorhaben

Organisationseinheiten

Zeitschriftenheft

Verknüpfte Datensätze

Zitieren

ISO 690LI, Shujun, Roland SCHMITZ, 2009. A novel anti-phishing framework based on honeypots. 2009 eCrime Researchers Summit (eCRIME). Tacoma, WA, USA, 20. Sept. 2009 - 21. Okt. 2009. In: 2009 eCrime Researchers Summit. IEEE, 2009, pp. 1-13. ISBN 978-1-4244-4625-4. Available under: doi: 10.1109/ECRIME.2009.5342609
BibTex
@inproceedings{Li2009-10novel-6020,
  year={2009},
  doi={10.1109/ECRIME.2009.5342609},
  title={A novel anti-phishing framework based on honeypots},
  isbn={978-1-4244-4625-4},
  publisher={IEEE},
  booktitle={2009 eCrime Researchers Summit},
  pages={1--13},
  author={Li, Shujun and Schmitz, Roland}
}
RDF
<rdf:RDF
    xmlns:dcterms="http://purl.org/dc/terms/"
    xmlns:dc="http://purl.org/dc/elements/1.1/"
    xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
    xmlns:bibo="http://purl.org/ontology/bibo/"
    xmlns:dspace="http://digital-repositories.org/ontologies/dspace/0.1.0#"
    xmlns:foaf="http://xmlns.com/foaf/0.1/"
    xmlns:void="http://rdfs.org/ns/void#"
    xmlns:xsd="http://www.w3.org/2001/XMLSchema#" > 
  <rdf:Description rdf:about="https://kops.uni-konstanz.de/server/rdf/resource/123456789/6020">
    <dcterms:bibliographicCitation>First publ. in: eCrime Researchers Summit, 2009 :  eCRIME '09 , Proceedings of 4th Annual APWG [Oct. 20-21, 2009, Tacoma,Washington]. 	Piscataway, NJ : IEEE, 2009. pp. 1 - 13</dcterms:bibliographicCitation>
    <dc:creator>Schmitz, Roland</dc:creator>
    <dcterms:available rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2011-03-24T16:08:47Z</dcterms:available>
    <dspace:isPartOfCollection rdf:resource="https://kops.uni-konstanz.de/server/rdf/resource/123456789/52"/>
    <dcterms:hasPart rdf:resource="https://kops.uni-konstanz.de/bitstream/123456789/6020/1/Li_2_APWG_eCRS2009.pdf"/>
    <dc:language>eng</dc:language>
    <dspace:hasBitstream rdf:resource="https://kops.uni-konstanz.de/bitstream/123456789/6020/1/Li_2_APWG_eCRS2009.pdf"/>
    <dcterms:issued>2009-10</dcterms:issued>
    <dcterms:rights rdf:resource="https://rightsstatements.org/page/InC/1.0/"/>
    <dcterms:title>A novel anti-phishing framework based on honeypots</dcterms:title>
    <dc:contributor>Schmitz, Roland</dc:contributor>
    <dc:contributor>Li, Shujun</dc:contributor>
    <foaf:homepage rdf:resource="http://localhost:8080/"/>
    <dcterms:isPartOf rdf:resource="https://kops.uni-konstanz.de/server/rdf/resource/123456789/36"/>
    <dspace:isPartOfCollection rdf:resource="https://kops.uni-konstanz.de/server/rdf/resource/123456789/36"/>
    <dc:date rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2011-03-24T16:08:47Z</dc:date>
    <dc:rights>terms-of-use</dc:rights>
    <void:sparqlEndpoint rdf:resource="http://localhost/fuseki/dspace/sparql"/>
    <dcterms:isPartOf rdf:resource="https://kops.uni-konstanz.de/server/rdf/resource/123456789/52"/>
    <dcterms:abstract xml:lang="eng">As a powerful anti-phishing tool, honeypots have been widely used by security service providers and financial institutes to collect phishing mails, so that new phishing sites can be earlier detected and quickly shut down. Another popular use of honeypots is to collect useful information about phishers' activities, which is used to make various kinds of statistics for the purposes of research and forensics. Recently, it has also been proposed to actively feed phishers with honeytokens. In the present paper, we discuss some problems of existing anti-phishing solutions based on honeypots. We propose to overcome these problems by transforming the real e-banking system itself into a honeypot equipped with honeytokens and supported by some other kinds of honeypots. A phishing detector is used to automatically detect suspicious phishers' attempts of stealing money from victims' accounts, and then ask for the potential victims' reconfirmation. This leads to a novel anti-phishing framework based on honeypots. As an indispensable part of the framework, we also propose to use phoneybots, i.e., active honeypots running in virtual machines and mimicking real users' behavior to access the real e-banking system automatically, in order to submit honeytokens to pharmers and phishing malware. The involvement of phoneybots is crucial to fight against advanced phishing attacks such as pharming and malware-based phishing attacks.</dcterms:abstract>
    <dc:format>application/pdf</dc:format>
    <dc:creator>Li, Shujun</dc:creator>
    <bibo:uri rdf:resource="http://kops.uni-konstanz.de/handle/123456789/6020"/>
  </rdf:Description>
</rdf:RDF>

Interner Vermerk

xmlui.Submission.submit.DescribeStep.inputForms.label.kops_note_fromSubmitter

Kontakt
URL der Originalveröffentl.

Prüfdatum der URL

Prüfungsdatum der Dissertation

Finanzierungsart

Kommentar zur Publikation

Allianzlizenz
Corresponding Authors der Uni Konstanz vorhanden
Internationale Co-Autor:innen
Universitätsbibliographie
Ja
Begutachtet
Diese Publikation teilen