08-10-2010, 11:15 AM
FINDING & STOPPING OF PHISHING ATTACKS THROUGH ONLINE
ABSTRACT:
Phishing is a new type of network attack where the attacker creates an accurate copy of an existing web page to fool users into submitting personal, financial, or password data to what they think is their service provider's website. The concept is an anti-phishing algorithm, called Link Guard, which utilizes the generic characteristics of the hyperlinks used in phishing attacks. The Link Guard algorithm finds the phishing e-mails sent by the phisher to capture the information of the end user. Link Guard is based on careful analysis of the characteristics of phishing hyperlinks. The Link Guard algorithm is implemented for each end user.
EXISTING SYSTEM:
1) Detect and block the phishing Web sites in time: If we can detect the phishing Web sites in time, we then can block the sites and prevent phishing attacks. But it's difficult to find those phishing sites out in time. There are two methods for phishing site detection.
a) The Web master of a legitimate Web site periodically scans the root DNS for suspicious sites.
b) Since the phisher must duplicate the content of the target site, he must use tools to (automatically) download the Web pages from the target site. It is therefore possible to detect this kind of download at the Web server and trace back to the phisher.
Drawbacks: Many phishing attacks simply do not require a DNS name. For phishing download detection, clever phishers may easily write tools
2) Enhance the security of the Web sites: Business Web sites, such as the Web sites of banks, can adopt new methods to guarantee the security of users' personal information. There are two methods to enhance security:
a) Using hardware devices: for example, a hand-held card reader.
b) Biometric characteristics: e.g. voice, fingerprint, iris, etc.
Drawbacks: All these techniques need additional hardware and will also increase the cost. Therefore, it will still take time for these techniques to be widely adopted.
3) Block the phishing e-mails by various spam filters: Phishers hide their identities when sending spoofed e-mails. Therefore, if anti-spam systems can determine whether an e-mail was sent by the announced sender, phishing attacks will decrease dramatically. Techniques that prevent senders from counterfeiting their Sender ID (e.g. SIDF of Microsoft) can defeat phishing attacks efficiently. SIDF is a combination of Microsoft's Caller ID for E-mail and SPF (Sender Policy Framework). Both Caller ID and SPF check the e-mail sender's domain name to verify whether the e-mail was sent from a server that is authorized to send e-mail for that domain, and from that determine whether the e-mail uses a spoofed e-mail address. If it is faked, the Internet service provider can then determine that the e-mail is spam. The spoofed e-mails used by phishers are one type of spam e-mail, so spam filters can also be used to filter those phishing e-mails. However, spam filters are designed for general spam e-mails and may not be very suitable for filtering phishing e-mails, since they generally do not consider the specific characteristics of phishing attacks.
4) Install online anti-phishing software on users' computers: Despite all the above efforts, it is still possible for users to visit spoofed Web sites. As a last defense, users can install anti-phishing tools on their computers. The anti-phishing tools in use today can be divided into two categories: blacklist/whitelist based and rule-based.
a) Blacklist/whitelist based: When a user visits a Web site, the anti-phishing tool searches for the address of that site in a blacklist stored in the database. If the visited site is on the list, the anti-phishing tool warns the user. These tools cannot prevent attacks from newly emerged (unknown) phishing sites.
b) Rule-based: These tools use certain rules in their software and check the security of a Web site according to these rules. Examples are Spoof Guard and Trust Watch, which provide a toolbar in the browser.
All the above defense methods are useful and complementary to each other, but none of them is perfect at the current stage.