GONE PHISHING ECE 4112 Final Lab Project Group #19 Enid Brown & Linda Larmore.

Slides:



Advertisements
Similar presentations
® Microsoft Office 2010 Browser and Basics.
Advertisements

Browser Comparisons Internet Explorer 8 & 9, Chrome 11 and Firefox 4 Security, Privacy, Add-ons & Convenience.
Copyright © 2012 Certification Partners, LLC -- All Rights Reserved Lesson 4: Web Browsing.
Internet Safety Gleneagles Computer Club February 16, 2015 by Deborah Benson.
6 C H A P T E R © 2001 The McGraw-Hill Companies, Inc. All Rights Reserved1 Electronic Mail Electronic mail has revolutionized the way people communicate.
1 CANTINA : A Content-Based Approach to Detecting Phishing Web Sites WWW Yue Zhang, Jason Hong, and Lorrie Cranor.
Phishing and Pharming New Identity Theft Threats Presentation by Jason Guthrie.
Lesson 4: Web Browsing.
Internet Phishing Not the kind of Fishing you are used to.
Configuring Windows Vista Security Chapter 3. IE7 Pop-up Blocker Pop-up Blocker prevents annoying and sometimes unsafe pop-ups from web sites Can block.
Privacy and Security on the Web Part 1. Agenda Questions? Stories? Questions? Stories? IRB: I will review and hopefully send tomorrow. IRB: I will review.
DVG-N5402SP.
What’s New in WatchGuard XCS 10.0 Update 3 WatchGuard Training.
FIRST COURSE Computer Concepts Internet and Microsoft Office Get to Know Your Computer.
Pro Exchange SPAM Filter An Exchange 2000 based spam filtering solution.
SSL (Secure Socket Layer) and Secure Web Pages Rob Sodders, University of Florida CIS4930 “Advanced Web Design” Spring 2004
Managing and Avoiding Junkmail. Junk  Where does Junk Mail come from? People with whom you do business  Pepsi Friends of people with whom you.
Boris Tshibangu. What is a proxy server? A proxy server is a server (a computer system or an application) that acts as an intermediary for requests from.
Lesson 46: Using Information From the Web copy and paste information from a Web site print a Web page download information from a Web site customize Web.
11 SUPPORTING INTERNET EXPLORER IN WINDOWS XP Chapter 11.
Examining the Effectiveness and Techniques of the Anti-Phishing Technology in Leading Web Browsers and Security Toolbars. Wesley W. Owen
Hosted Exchange The purpose of this Startup Guide is to familiarize you with ExchangeDefender's Exchange and SharePoint Hosting. ExchangeDefender.
Internet Safety By Megan Wilkinson. Viruses If your computer haves a viruses on it, it will show one of them or a different one. All commuters have different.
Internet safety Viruses A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your.
With Internet Explorer 9 Getting Started© 2013 Pearson Education, Inc. Publishing as Prentice Hall1 Exploring the World Wide Web with Internet Explorer.
Working with Applications Lesson 7. Objectives Administer Internet Explorer Secure Internet Explorer Configure Application Compatibility Configure Application.
Securing Windows 7 Lesson 10. Objectives Understand authentication and authorization Configure password policies Secure Windows 7 using the Action Center.
PhishNet: Predictive Blacklisting to Detect Phishing Attacks Pawan Prakash Manish Kumar Ramana Rao Kompella Minaxi Gupta Purdue University, Indiana University.
Detrick Robinson & Amris Treadwell.  Computer viruses- are pieces of programs that are purposely made up to infect your computer.  Examples: › Internet.
Anti Phishing & Spam -- by lynn. Spam Anti Spam and How White-lists Black-lists Heuristics –Bayes –Neural Networks Static technique –keyword checking.
Visual-Similarity-Based Phishing Detection Eric Medvet, Engin Kirda, Christopher Kruegel SecureComm 2008 Sep.
Dr. Omar Al Jadaan The Internet. Internet Service Provider (ISP) Content Providers: create and maintained material that can be accessed using the internet.
COMPREHENSIVE Windows Tutorial 5 Protecting Your Computer.
Adam Soph, Alexandra Smith, Landon Peterson. Phishing is a way of attempting to acquire information such as usernames, passwords, and credit card details.
®® Microsoft Windows 7 Windows Tutorial 5 Protecting Your Computer.
CMU Usable Privacy and Security Laboratory Phinding Phish: An Evaluation of Anti-Phishing Toolbars Yue Zhang, Serge Egelman, Lorrie.
DIGITAL SECURITY PART 2 TOOLS. phising  Internet criminals can steal your personal and banking information without you ever noticing – they can do it.
11 CANTINA: A Content- Based Approach to Detecting Phishing Web Sites Reporter: Gia-Nan Gao Advisor: Chin-Laung Lei 2010/6/7.
EMerge Browser Managed Security Platform Module 3: Startup eMerge Certification Course  Physical connection  TCP/IP Characteristics of PC  Initial connection.
 A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. It is deliberately.
SURFING THE WEB PRIVACY, SAFETY, AND RELIABLE SOURCES.
What’s New in WatchGuard XCS v9.1 Update 1. WatchGuard XCS v9.1 Update 1  Enhancements that improve ease of use New Dashboard items  Mail Summary >
BY : MUHAMMAD KHUZAIMI B. ISHAK 4 ADIL PUAN MAZITA INFORMATION AND COMMUNICATION OF TECHNOLOGY.
How Phishing Works Prof. Vipul Chudasama.
Prepared By : Md Jakaria 1 Learn Internet Basics LECTURE 7.
Saphe surfing! 1 SAPHE Secure Anti-Phishing Environment Presented by Uri Sternfeld.
XP Browser and Basics COM111 Introduction to Computer Applications.
Internet 1) John R. Levine, Margaret Levine Young, The Internet for Dummies. Wiley Publishing, 12 th Edition, 2010.
#7 Useful Reports AUXOP Progress February In order to view AUXDATA reports, you must have a pdf reader program installed on your computer. Adobe’s.
Chapter 12: How Private are Web Interactions?. Why we care? How much of your personal info was released to the Internet each time you view a Web page?
Internet safety By Suman Nazir
Skill Area 214 Introduce World wide web(www)
Using the Web Cyberspace Explorations Class BOLLI – Spring 2005.
Phishing Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money)
Schools-On-I-Net and Google Apps for Education. Good-bye Yellow, Hello Blue Effective July 1, 2008.
Microsoft Office 2008 for Mac – Illustrated Unit D: Getting Started with Safari.
1 Phinding Phish : Evaluating Anti- Phishing Tools Yue Zhang,Jason Hong (2007) Carnegie Mellon University.
Return to the PC Security web page Lesson 4: Increasing Web Browser Security.
Microsoft Windows 7 - Illustrated Unit G: Exploring the Internet with Microsoft Internet Explorer.
Remove [Browser Hijackers] For more information regarding [Browser Hijackers] Please Visit:
11 SUPPORTING INTERNET EXPLORER IN WINDOWS XP Chapter 11.
Windows Vista Configuration MCTS : Internet Explorer 7.0.
Windows Tutorial 5 Protecting Your Computer
Microsoft Office 2010 Basics and the Internet
Microsoft Office 2010 Basics and the Internet
MICROSOFT OUTLOOK and Outlook service Provider
Phishing is a form of social engineering that attempts to steal sensitive information.
Objectives To understand the about types of computer network
Lesson 3 Web Browsers.
Chapter 9: Configuring Internet Explorer
Presentation transcript:

GONE PHISHING ECE 4112 Final Lab Project Group #19 Enid Brown & Linda Larmore

2 Comparative Analysis of Browser Anti-Phishing Techniques Outline  Phishing for facts  Goals of Lab  Anti-Phishing techniques  Lab Procedures  Lab Results  Conclusion  Discussion

3 Comparative Analysis of Browser Anti-Phishing Techniques Background  Phishing can be defined as an attempt to obtain sensitive and personal information by masquerading as a trustworthy entity in some form of electronic communication.  This sensitive information includes, but is not limited to passwords, credit card numbers, and usernames.  As a result, all major browsers contain some type of anti-phishing measure, that is either turned on or off by default.  With an increase in the amount of spam that most addresses receive, phishing has become more and more popular and it is important that we learn how to protect out information and detect these sites.

4 Comparative Analysis of Browser Anti-Phishing Techniques YeahRight ● ● ● ● ● ● ●

5 Outline  Phishing for facts  Goals of Lab  Anti-Phishing techniques  Lab Procedures  Lab Results  Conclusion  Discussion

6 Comparative Analysis of Browser Anti-Phishing Techniques Goals  The goals for this lab are: – To introduce the concept of Phishing exploits –Compare the anti-phishing techniques that different browsers utilize –Compare the anti-phishing software available.

7 Comparative Analysis of Browser Anti-Phishing Techniques Outline  Phishing for facts  Goals of Lab  Anti-Phishing techniques  Lab Procedures  Lab Results  Conclusion  Discussion

8 Comparative Analysis of Browser Anti-Phishing Techniques Microsoft Phishing Filter in Windows Internet Explorer 7  Microsoft Phishing Filter, uses a combination of Microsoft’s URL Reputation Service (URS) and local heuristics built into the IE 7 browser.  These methods allow it to identify and warn users in real time of suspected phish URLs, and block them from accessing confirmed phishing sites that have been reported to the URS by either users or third-party data providers.

9 Comparative Analysis of Browser Anti-Phishing Techniques Netscape Browser 9.0  Includes a built in phishing filter  Relies solely on a blacklist, which is maintained by AOL and updated frequently

10 Comparative Analysis of Browser Anti-Phishing Techniques Opera  When Opera Fraud Protection is enabled, a server is contacted at Opera every time you request a Web page.  HTTPS sites are checked via an encrypted channel, while IP addresses on the local intranet will never be checked.  The server checks the domain name of the requested page against live whitelists compiled by GeoTrust, and blacklists compiled by GeoTrust and Phishtank.GeoTrust Phishtank  Opera's fraud protection server downloads blacklists directly from Phishtank, and sends a query to GeoTrust.

11 Comparative Analysis of Browser Anti-Phishing Techniques Mozilla Firefox  Phishing Protection is turned on by default in Firefox 2 or later, and works by checking the sites that you browse to against a list of known phishing sites.  This list is automatically downloaded and regularly updated within Firefox when the Phishing Protection feature is enabled.

12 Comparative Analysis of Browser Anti-Phishing Techniques McAfee SiteAdvisor Toolbar  McAfee's SiteAdvisor product is a free stand- alone anti-phishing product  Suspect or blocked sites are identified by a popup balloon and by color and text changes in the button.  SiteAdvisor offers a wealth of information about sites, including whether the site appears to send spam and whether it is suspected of being a phishing site.

13 Comparative Analysis of Browser Anti-Phishing Techniques Netcraft Toolbar  Utilizes Netcraft's very large database of Web servers to flag suspected or actual phishing sites.  The toolbar displays several useful characteristics of the current page, including the country where the Web server is hosted, the true IP address, and a bar-graph "risk rating" indicator.

14 Comparative Analysis of Browser Anti-Phishing Techniques GeoTrust TrustWatch Toolbar  The TrustWatch Toolbar combines site lookups with phishing protection and Google search.  The toolbar shows the real DNS name of the currently loaded site, and it allows users to specify a visual or textual identifier that the toolbar knows and can display; this helps guard against sites that put up their own fake address bars.

15 Comparative Analysis of Browser Anti-Phishing Techniques How to rate Phishing tools  Catch rate: how well each tool catches known phish from a common pool of known phish, either by generating a warning or blocking access to the phish page.  False positive rate: how many false warnings or blocks each tool generates from a pool of known-good URLs.

16 Comparative Analysis of Browser Anti-Phishing Techniques Outline  Phishing for facts  Goals of Lab  Anti-Phishing techniques  Lab Procedures  Lab Results  Conclusion  Discussion

17 Comparative Analysis of Browser Anti-Phishing Techniques Lab Procedures  Setting up browsers –Mozilla Firefox –Microsoft Internet Explorer –Opera –Netscape Navigator  Enabling browser anti-phishing  Browser Anti-Phishing

18 Comparative Analysis of Browser Anti-Phishing Techniques Lab Procedures  Attempted to access known phishing websites using the four browsers  Known phishing websites listed at k.com

19 Comparative Analysis of Browser Anti-Phishing Techniques Outline  Phishing for facts  Goals of Lab  Anti-Phishing techniques  Lab Procedures  Lab Results  Conclusion  Discussion

20 Comparative Analysis of Browser Anti-Phishing Techniques Warning Pages

21 Comparative Analysis of Browser Anti-Phishing Techniques Browser Results

22 Comparative Analysis of Browser Anti-Phishing Techniques Mozilla with Toolbars Results

23 Comparative Analysis of Browser Anti-Phishing Techniques IE7 with Toolbars Results

24 Comparative Analysis of Browser Anti-Phishing Techniques 2006 Phishing Studies Source:

25 Comparative Analysis of Browser Anti-Phishing Techniques Outline  Phishing for facts  Goals of Lab  Anti-Phishing techniques  Lab Procedures  Lab Results  Conclusion  Discussion

26 Comparative Analysis of Browser Anti-Phishing Techniques Summary of new Lab proposal  Students will: –Section 1: Browsers and Phishing Setting up browsers Enabling browser anti-phishing –Section 2: Browser Anti-Phishing Anti-phishing and PhishTank Analyze and compare results between different browsers –Section 3: Anti-Phishing Toolbar Analyze and compare results between different browsers and toolbars

27 Comparative Analysis of Browser Anti-Phishing Techniques Outline  Phishing for facts  Goals of Lab  Anti-Phishing techniques  Lab Procedures  Lab Results  Conclusion  Discussion

28 Comparative Analysis of Browser Anti-Phishing Techniques Preventing Phishing  Enable browser anti-phishing  Setup spam/junk mail filters  Install anti-phishing toolbars  Check suspected websites against blacklists and whitelists  Use false info to check validity  If in doubt, DON’T DO IT!!!

29 Comparative Analysis of Browser Anti-Phishing Techniques Questions

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.