04-10-2017, 10:57 AM
19-10-2017, 11:58 AM
Phishing is a new type of network attack where the attacker creates a replica of an existing web page to trick users (for example, by using specially designed emails or instant messages) to send personal, financial, or password data to what they think is the website of their service providers. In this paper, we propose a new anti-phishing algorithm based on the final host, which we call LinkGuard, using the generic characteristics of hyperlinks in phishing attacks. These features are obtained by analyzing the phishing data file provided by the anti-phishing workgroup (APWG). Because it is based on the generic features of phishing attacks, LinkGuard can detect phishing attacks that are not only known but also unknown. We have implemented LinkGuard on Windows XP. Our experiments verified that LinkGuard is effective in detecting and preventing known and unknown phishing attacks with a minimum of false negatives. LinkGuard successfully detects 195 of the 203 phishing attacks. Our experiments also showed that LinkGuard is lightweight and can detect and prevent phishing attacks in real time.