ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Cantina: a content-based approach to detecting phishing web sites
Full text PdfPdf (783 KB)
Source
International World Wide Web Conference archive
Proceedings of the 16th international conference on World Wide Web table of contents
Banff, Alberta, Canada
SESSION: Passwords and phishing table of contents
Pages: 639 - 648  
Year of Publication: 2007
ISBN:978-1-59593-654-7
Authors
Yue Zhang  University of Pittsburgh
Jason I. Hong  Carnegie Mellon University
Lorrie F. Cranor  Carnegie Mellon University
Sponsor
ACM: Association for Computing Machinery
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 25,   Downloads (12 Months): 240,   Citation Count: 8
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1242572.1242659
What is a DOI?

ABSTRACT

Phishing is a significant problem involving fraudulent email and web sites that trick unsuspecting users into revealing private information. In this paper, we present the design, implementation, and evaluation of CANTINA, a novel, content-based approach to detecting phishing web sites, based on the TF-IDF information retrieval algorithm. We also discuss the design and evaluation of several heuristics we developed to reduce false positives. Our experiments show that CANTINA is good at detecting phishing sites, correctly labeling approximately 95% of phishing sites.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
3Sharp, 3Sharp Study finds Internet Explorer 7 Edges Out Netcraft As Most Accurate for Anti-Phishing Protection. 2006. http://www.3sharp.com/projects/antiphishing/
 
2
Anti-Phishing Working Group, Phishing Activity Trends Report. 2006. http://www.antiphishing.org/reports/apwg_report_june_06.pdf
 
3
Anti-Phishing Working Group (APWG). Visited: Nov 20, 2006. http://www.antiphishing.org/
 
4
Chou, N., R. Ledesma, Y. Teraguchi, D. Boneh, and J. C. Mitchell. Client-Side Defense against Web-Based Identity Theft. In Proceedings of The 11th Annual Network and Distributed System Security Symposium (NDSS '04). http://crypto.stanford.edu/SpoofGuard/webspoof.pdf
 
5
Cloudmark Inc. Visited: Nov 20, 2006. http://www.cloudmark.com/desktop/download/
 
6
Cranor, L., S. Egelman, J. Hong, and Y. Zhang. Phinding Phish: Evaluating Anti-Phishing Tools. In Proceedings of The 14th Annual Network and Distributed System Security Symposium (NDSS '07). February 28- March 2, 2007.
 
7
Dao, T., Term frequency-Inverse document frequency implementation in C#, The Code Project - C# Programming. Visited: Nov 20, 2006. http://www.codeproject.com/csharp/tfidf.asp
8
Rachna Dhamija , J. D. Tygar, The battle against phishing: Dynamic Security Skins, Proceedings of the 2005 symposium on Usable privacy and security, p.77-88, July 06-08, 2005, Pittsburgh, Pennsylvania  [doi>10.1145/1073001.1073009]
9
Rachna Dhamija , J. D. Tygar , Marti Hearst, Why phishing works, Proceedings of the SIGCHI conference on Human Factors in computing systems, April 22-27, 2006, Montréal, Québec, Canada  [doi>10.1145/1124772.1124861]
10
Julie S. Downs , Mandy B. Holbrook , Lorrie Faith Cranor, Decision strategies and susceptibility to phishing, Proceedings of the second symposium on Usable privacy and security, July 12-14, 2006, Pittsburgh, Pennsylvania  [doi>10.1145/1143120.1143131]
 
11
eBay Inc., Spoof Email Tutorial. Visited: Nov 20, 2006. http://pages.ebay.com/education/spooftutorial/
 
12
eBay Inc., Using eBay Toolbar's Account Guard. Visited: Nov 20, 2006. http://pages.ebay.com/help/confidence/account-guard.html
 
13
Federal Trade Commission, An E-Card for You game. Visited: Nov 20, 2006. http://www.ftc.gov/bcp/conline/ecards/phishing/index.html
 
14
Federal Trade Commission, Federal Trade Commission. Phishing Alerts. Visited: Nov 20, 2006. http://www.ftc.gov/bcp/conline/pubs/alerts/phishingalrt.htm
 
15
Ferguson, A. J., Fostering E-Mail Security Awareness: The West Point Carronade, EDUCASE Quarterly, 2005. http://www.educause.edu/ir/library/pdf/eqm0517.pdf
 
16
Fette, I., N. Sadeh, and A. Tomasic. Learning to Detect Phishing Emails. ISRI Technical Report. CMU-ISRI-06-112, 2006.http://reports-archive.adm.cs.cmu.edu/anon/isri2006/abstracts/06-112.html
 
17
Eran Gabber , Phillip B. Gibbons , Yossi Matias , Alain J. Mayer, How to Make Personalized Web Browising Simple, Secure, and Anonymous, Proceedings of the First International Conference on Financial Cryptography, p.17-32, February 24-28, 1997
 
18
GeoTrust Inc., TrustWatch Toolbar. Visited: Nov 20, 2006. http://toolbar.trustwatch.com/tour/v3ie/toolbar-v3ie-tour-overview.html
 
19
Google Inc., Google Safe Browsing for Firefox. Visited: Nov 20, 2006. http://www.google.com/tools/firefox/safebrowsing/
20
J. Alex Halderman , Brent Waters , Edward W. Felten, A convenient method for securely managing passwords, Proceedings of the 14th international conference on World Wide Web, May 10-14, 2005, Chiba, Japan  [doi>10.1145/1060745.1060815]
 
21
Herzberg, A. and A. Gbara, TrustBar: Protecting (even Naive) Web Users from Spoofing and Phishing Attacks. 2004, Cryptology ePrint Archive: Report 2004/155. http://www.cs.biu.ac.il/~herzbea/Papers/ecommerce/spoofing.htm
 
22
Jackson, J. W., A. J. Ferguson, and M. J. Cobb. Building a University-wide Automated Information Assurance Awareness Exercise: The West Point Carronade. In Proceedings of 35th ASEE/IEEE Frontiers in Education Conference 2005. http://fie.engrng.pitt.edu/fie2005/papers/1694.pdf
 
23
Jagatic, T., N. Johnson, M. Jakobsson, and F. Menczer, Social Phishing, 2006, http://www.indiana.edu/~phishing/social-network-experiment/phishing-preprint.pdf
 
24
Keizer, G., Phishing Costs Nearly $1 Billion, TechWeb Technology News. Visited: Nov 20, 2006. http://www.techweb.com/wire/security/164902671
25
Ponnurangam Kumaraguru , Yong Rhee , Alessandro Acquisti , Lorrie Faith Cranor , Jason Hong , Elizabeth Nunge, Protecting people from phishing: the design and evaluation of an embedded training email system, Proceedings of the SIGCHI conference on Human factors in computing systems, April 28-May 03, 2007, San Jose, California, USA  [doi>10.1145/1240624.1240760]
 
26
Mail Frontier, Phishing IQ. Visited: Nov 20, 2006. http://survey.mailfrontier.com/survey/quiztest.html
 
27
McMillan, R., Gartner: Consumers to lose $2.8 billion to phishers in 2006, NetworkWorld, 2006. http://www.networkworld.com/news/2006/110906-gartner-consumers-to-lose-28b.html
 
28
Microsoft, Consumer Awareness Page on Phishing. Visited: Nov 20, 2006. http://www.microsoft.com/athome/security/ email/phishing.mspx
 
29
Netcraft, Netcraft Anti-Phishing Toolbar. Visited: Nov 20, 2006. http://toolbar.netcraft.com/
 
30
New York State Office of Cyber Security & Critical Infrastructure Coordination. 2005. Gone Phishing & A Briefing on the Anti-Phishing Exercise Initiative for New York State Government. Aggregate Exercise Results for public release.
 
31
Panahy, A., Google Parser, The Code Project - C# Programming. Visited: Nov 20, 2006. http://www.codeproject.com/csharp/googleparser.asp
 
32
Phelps, T. A. and R. Wilensky, Robust Hyperlinks and Locations, D-Lib Magazine, vol. 6(7/8), 2000. http://www.dlib.org/dlib/july00/wilensky/07wilensky.html
 
33
PhishTank. Visited: Nov 20, 2006. http://www.phishtank.com/
 
34
PhishTank, Statistics about Phishing Activity and PhishTank Usage. Visited: Nov 20, 2006. http://www.phishtank.com/stats/2006/10/
 
35
Gerard Salton , Michael J. McGill, Introduction to Modern Information Retrieval, McGraw-Hill, Inc., New York, NY, 1986
 
36
Stanford Applied Crypto Group, PwdHash. Visited: Nov 20, 2006. http://crypto.stanford.edu/PwdHash
37
Min Wu , Robert C. Miller , Simson L. Garfinkel, Do security toolbars actually prevent phishing attacks?, Proceedings of the SIGCHI conference on Human Factors in computing systems, April 22-27, 2006, Montréal, Québec, Canada  [doi>10.1145/1124772.1124863]
38
Min Wu , Robert C. Miller , Greg Little, Web wallet: preventing phishing attacks by revealing user intentions, Proceedings of the second symposium on Usable privacy and security, July 12-14, 2006, Pittsburgh, Pennsylvania  [doi>10.1145/1143120.1143133]
39
Zishuang (Eileen) Ye , Sean Smith , Denise Anthony, Trusted paths for browsers, ACM Transactions on Information and System Security (TISSEC), v.8 n.2, p.153-186, May 2005  [doi>10.1145/1065545.1065546]
40
Ka-Ping Yee , Kragen Sitaker, Passpet: convenient password management and phishing protection, Proceedings of the second symposium on Usable privacy and security, July 12-14, 2006, Pittsburgh, Pennsylvania  [doi>10.1145/1143120.1143126]
 
41
Zolnikov, P., Extending Explorer with Band Objects using.NET and Windows Forms, The Code Project - C# Programming. Visited: Nov 20, 2006. http://www.codeproject.com/csharp/dotnetbandobjects.asp

CITED BY  8
Steve Sheng , Bryant Magnien , Ponnurangam Kumaraguru , Alessandro Acquisti , Lorrie Faith Cranor , Jason Hong , Elizabeth Nunge, Anti-Phishing Phil: the design and evaluation of a game that teaches people not to fall for phish, Proceedings of the 3rd symposium on Usable privacy and security, July 18-20, 2007, Pittsburgh, Pennsylvania
Ian Fette , Norman Sadeh , Anthony Tomasic, Learning to detect phishing emails, Proceedings of the 16th international conference on World Wide Web, May 08-12, 2007, Banff, Alberta, Canada
Troy Ronda , Stefan Saroiu , Alec Wolman, Itrustpage: a user-assisted anti-phishing tool, ACM SIGOPS Operating Systems Review, v.42 n.4, May 2008
Yuan Niu , Francis Hsu , Hao Chen, iPhish: phishing vulnerabilities on consumer electronics, Proceedings of the 1st Conference on Usability, Psychology, and Security, p.1-8, April 14-14, 2008, San Francisco, California
D. Kevin McGrath , Minaxi Gupta, Behind phishing: an examination of phisher modi operandi, Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats, p.1-8, April 15-15, 2008, San Francisco, California
Ye Cao , Weili Han , Yueran Le, Anti-phishing based on automated individual white-list, Proceedings of the 4th ACM workshop on Digital identity management, October 31-31, 2008, Alexandria, Virginia, USA
Guang Xiang , Jason I. Hong, A hybrid phish detection approach by identity discovery and keywords retrieval, Proceedings of the 18th international conference on World wide web, April 20-24, 2009, Madrid, Spain
Justin Ma , Lawrence K. Saul , Stefan Savage , Geoffrey M. Voelker, Beyond blacklists: learning to detect malicious web sites from suspicious URLs, Proceedings of the 15th ACM SIGKDD international conference on Knowledge discovery and data mining, June 28-July 01, 2009, Paris, France

INDEX TERMS

Primary Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.0 General
          Subjects: Security and protection (e.g., firewalls)

Additional Classification:
  H. Information Systems
  H.3 INFORMATION STORAGE AND RETRIEVAL
      H.3.3 Information Search and Retrieval
          Subjects: Retrieval models


General Terms:
Algorithms, Human Factors, Measurement, Security


Keywords:
TF-IDF, anti-phishing, evaluation, phishing, toolbar

Collaborative Colleagues:
Yue Zhang: colleagues
Jason I. Hong: colleagues
Lorrie F. Cranor: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player