Presentation is loading. Please wait.

Presentation is loading. Please wait.

ITrustPage: Pretty Good Phishing Protection Stefan Saroiu, Troy Ronda, and Alec Wolman University of Toronto and Microsoft Research.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "ITrustPage: Pretty Good Phishing Protection Stefan Saroiu, Troy Ronda, and Alec Wolman University of Toronto and Microsoft Research."— Presentation transcript:

1 iTrustPage: Pretty Good Phishing Protection Stefan Saroiu, Troy Ronda, and Alec Wolman University of Toronto and Microsoft Research

2 Phishing Attacks Cost Real Money! Hundreds of millions of $$$ cost to U.S. economy Hundreds of millions of $$$ cost to U.S. economy Affects 1+ million Internet users in U.S. alone Affects 1+ million Internet users in U.S. alone Real cost: Erosion of trust in Web as e-commerce platform Erosion of trust in Web as e-commerce platform  40% of people not banking online do not trust Web!!!

3 Myriad of Solutions Proposed Spam filters [CMU ‘06, SpamAssassin, Outlook] Spam filters [CMU ‘06, SpamAssassin, Outlook] Browser blacklists [IE7, FF 2.0, Opera] Browser blacklists [IE7, FF 2.0, Opera] Password managers [Princeton ‘05, Stanford ‘06, Berkeley ‘06] Password managers [Princeton ‘05, Stanford ‘06, Berkeley ‘06] Out-of-band authentication [CMU ‘06, Stanford ‘06] Out-of-band authentication [CMU ‘06, Stanford ‘06] User-created labels, warnings [Stanford ‘06] User-created labels, warnings [Stanford ‘06] Automatic fillers [MIT ‘06] Automatic fillers [MIT ‘06] Centralized approaches [MSR ‘06] Centralized approaches [MSR ‘06]

4 Yet… the Problem is Growing! Number of phishing sites grew 10X in 18 months Number of phishing sites grew 10X in 18 months  2004 -- mid 2006 Banks claim phishing becoming #1 source of fraud Banks claim phishing becoming #1 source of fraud Phishing e-mails becoming personalized Phishing e-mails becoming personalized  sophisticated and hard-to-filter Must look into new anti-phishing approaches! Must look into new anti-phishing approaches!

5 Outline Motivating the need for new approaches Motivating the need for new approaches Lessons learned from current approaches Lessons learned from current approaches iTrustPage demo iTrustPage demo Design and implementation Design and implementation Evaluation Evaluation Conclusions Conclusions

6 Outline Motivating the need for new approaches Motivating the need for new approaches Lessons learned from current approaches Lessons learned from current approaches iTrustPage demo iTrustPage demo Design and implementation Design and implementation Evaluation Evaluation Conclusions Conclusions

7 Current Approaches’ Shortcomings Spam filters + blacklists imperfect and too slow Spam filters + blacklists imperfect and too slow  Phishing sites’ average uptime is 4.5 days Password managers have usability problems Password managers have usability problems  Based on hard-to-grasp concepts, uncommon tasks Personalized visual clues Personalized visual clues  Rely on users to be diligent Automatic password fillers Automatic password fillers  Easy to fool + they create local password repository

8 Lessons Learned Anti-phishing tools must be intuitive + easy-to-use Anti-phishing tools must be intuitive + easy-to-use  Users must perform very simple, common tasks Relying on users to be diligent unlikely to work Relying on users to be diligent unlikely to work Phishing is becoming personalized Phishing is becoming personalized  Can’t rely on static filters Anti-phishing tools must re-act quickly to attacks Anti-phishing tools must re-act quickly to attacks  Cannot wait for updates or new filters

9 Our Approach: iTrustPage Prevents users from filling out phishing forms Prevents users from filling out phishing forms  Does not rely on static filters  Users perform simple, common, and intuitive tasks  Doesn’t rely on users to stay vigilent  Harder-to-fool  Stops users whenever key is pressed on any site whether a form is present or not

10 High-Level View of Our Tool If user fills suspicious form, user asked for input: If user fills suspicious form, user asked for input: 1. Describe search terms for questionable form  i.e., Is the user visiting an well-established site?  If yes, site is unlikely to phish 2. Visual comparison of questionable Web form with Web forms arrived at via Google result  i.e., Do these two forms look visually the same?  If yes, site is likely to phish

11 Live Demonstration – Trusted Page Navigate to Google and perform a search Navigate to Google and perform a search

12 Live Demonstration – Untrusted Page

13 Live Demonstration – Phishing Page

14 Our Two Key Observations Rely on user input to help disambiguate between legit and fake sites Rely on user input to help disambiguate between legit and fake sites  Certain decision making tasks are hard to automate reliably, yet very easy for people to decide  e.g., deciding when 2 Web sites appear visually similar Use external Web information repositories Use external Web information repositories  Use Internet sources to help determine legitimacy of particular Web site or form  e.g., many attacks target well-known, popular Web sites + search engines can identify such sites

15 Outline Motivating the need for new approaches Motivating the need for new approaches Lessons learned from current approaches Lessons learned from current approaches iTrustPage demo iTrustPage demo Design and implementation Design and implementation Evaluation Evaluation Conclusions Conclusions

16 Outline Motivating the need for new approaches Motivating the need for new approaches Lessons learned from current approaches Lessons learned from current approaches iTrustPage demo iTrustPage demo Design and implementation Design and implementation Evaluation Evaluation Conclusions Conclusions

17 Automatic Classification iTrustPage stores locally previously visited forms iTrustPage stores locally previously visited forms  No need to re-validate form Two additional conservative heuristics Two additional conservative heuristics  Google’s PageRank >= 5  Must be verified by TrustWatch Heuristics could be exploited by attackers Heuristics could be exploited by attackers  Fundamental trade-off between usability & security

18 Validation Web form is validated if: Web form is validated if: 1. Our conservative heuristics validate it (automatically) 2. Form’s domain in top 10 domains from Google  Based on user-input keywords 3. Repeat step 2 k-times, refining search keywords  Where k is variable depending on form’s PageRank  Higher PageRank means lower k 4. When everything else fails, raise flashy warning box  Fundamental corner-case, common to all tools

19 Implementation 5,200 lines of code for Firefox extension 5,200 lines of code for Firefox extension  Tested with Linux, Mac, Windows  Open-source, freely available 900 downloads in one month 900 downloads in one month Recently released ver. 2.0 with better interface Recently released ver. 2.0 with better interface  It still needs lots of work though

20 Circumventing iTrustPage Create phishing page on site with high PageRank Create phishing page on site with high PageRank 1. Break into popular site 2. “Google bomb” attack Compromise user’s Web browser Compromise user’s Web browser  In this case, all bets are off (spyware!)

21 Outline Motivating the need for new approaches Motivating the need for new approaches Lessons learned from current approaches Lessons learned from current approaches iTrustPage demo iTrustPage demo Design and implementation Design and implementation Evaluation Evaluation Conclusions Conclusions

22 Outline Motivating the need for new approaches Motivating the need for new approaches Lessons learned from current approaches Lessons learned from current approaches iTrustPage demo iTrustPage demo Design and implementation Design and implementation Evaluation Evaluation Conclusions Conclusions

23 Evaluation Strategy 1. Performance evaluation 2. Evaluating iTrustPage’s effectiveness 3. Usability study

24 Evaluation Strategy 1. Performance evaluation 2. Evaluating iTrustPage’s effectiveness 3. Usability study

25 Methodology Would users notice a performance degradation? Would users notice a performance degradation?  iTrustPage prefetches PageRank and TrustWatch Load pages of randomly chosen 115 US banks Load pages of randomly chosen 115 US banks Average PC: P III, 256MB RAM, U of T network Average PC: P III, 256MB RAM, U of T network Compare page loading times of unmodified browser to browser+iTrustPage Compare page loading times of unmodified browser to browser+iTrustPage

26 Very Little Additional Overhead Average site has 27ms extra overhead

27 Evaluation Strategy 1. Performance evaluation 2. Evaluating iTrustPage’s effectiveness 3. Usability study

28 Questions Are automatic validation heuristics correct? Are automatic validation heuristics correct? How often do users need to validate forms? How often do users need to validate forms? For hard-to-validate forms, how often do users need to revise search terms? For hard-to-validate forms, how often do users need to revise search terms?

29 Questions Are automatic validation heuristics correct? Are automatic validation heuristics correct? How often do users need to validate forms? How often do users need to validate forms? For hard-to-validate forms, how often do users need to revise search terms? For hard-to-validate forms, how often do users need to revise search terms?

30 Methodology Can’t measure from iTrustPage’s deployment Can’t measure from iTrustPage’s deployment  We do not record number of forms visited by users Use previously collected traces of Websites Use previously collected traces of Websites  Research log: 14 research lab users over 3.5 months  IRCache log: 8,714 users over 6.5 months Assume all pages have forms Assume all pages have forms

31 40% Sites are Automatically Validated

32 Users are Disrupted Less over Time This data is from iTrustPage’s deployment

33 Evaluation Strategy 1. Performance evaluation 2. Evaluating iTrustPage’s effectiveness 3. Usability study

34 Methodology 4-step study: 4-step study:  Fill-out preliminary survey to gather background info  Present tutorial on iTrustPage  Ask users to perform six steps, including:  Visit popular legit form  Visit unpopular legit form, could be easily found on Google  Visit phishing site  Visit unpopular legit form, can’t be found on Google  Post-study questionnaire 15 participants 15 participants

35 More disruptions, less easy to use!

36 Security vs. Usability

37

38 Conclusions New anti-phishing tool based on two insights New anti-phishing tool based on two insights  User input can be used to distinguish legit from fake sites, as long as interaction is simple and intuitive  Internet information repositories can be used to assist user with their decision Our evaluation has shown: Our evaluation has shown:  Negligible performance overhead  Automatic classification heuristics correct and useful  Tool becomes less disruptive over time  User like tool when few disruptions only

39 Works Surprisingly Well Download iTrustPage (Firefox Extension) Download iTrustPage (Firefox Extension)  www.cs.toronto.edu/~ronda/itrustpage/

Download ppt "ITrustPage: Pretty Good Phishing Protection Stefan Saroiu, Troy Ronda, and Alec Wolman University of Toronto and Microsoft Research."

Similar presentations

Using the Self Service BMC Helpdesk

Using the Self Service BMC Helpdesk
ForceHTTPS: Protecting High-Security Web Sites from Network Attacks Collin Jackson and Adam Barth.

ForceHTTPS: Protecting High-Security Web Sites from Network Attacks Collin Jackson and Adam Barth.
LeadManager™- Internet Marketing Lead Management Solution May, 2009.

LeadManager™- Internet Marketing Lead Management Solution May, 2009.
Web browsers It’s a software application for retrieving and presenting information on WWW. An information resource is identified by a Uniform Resource.

Web browsers It’s a software application for retrieving and presenting information on WWW. An information resource is identified by a Uniform Resource.
1 CANTINA : A Content-Based Approach to Detecting Phishing Web Sites WWW 2007 2008.09.09 Yue Zhang, Jason Hong, and Lorrie Cranor.

1 CANTINA : A Content-Based Approach to Detecting Phishing Web Sites WWW Yue Zhang, Jason Hong, and Lorrie Cranor.
PHAD- A Phishing Avoidance and Detection Tool Using Invisible Digital Watermarking By Sonali Batra Web 2.0 Security and Privacy 2014.

PHAD- A Phishing Avoidance and Detection Tool Using Invisible Digital Watermarking By Sonali Batra Web 2.0 Security and Privacy 2014.
NCS welcome all participants on behalf of Quick Heal Anti Virus and Fortinet Firewall solution.

NCS welcome all participants on behalf of Quick Heal Anti Virus and Fortinet Firewall solution.
Users Are Not Dependable How to make security indicators that protect them better Min Wu, Simson Garfinkel, Robert Miller MIT Computer Science and Artificial.

Users Are Not Dependable How to make security indicators that protect them better Min Wu, Simson Garfinkel, Robert Miller MIT Computer Science and Artificial.
Secure web browsers, malicious hardware, and hardware support for binary translation Sam King.

Secure web browsers, malicious hardware, and hardware support for binary translation Sam King.
The Importance of Being Earnest [in Security Warnings] Serge Egelman (UC Berkeley) Stuart Schechter (Microsoft Research)

The Importance of Being Earnest [in Security Warnings] Serge Egelman (UC Berkeley) Stuart Schechter (Microsoft Research)
How secure is your email? Secure Email Primer Presented by 4SecureMail.com.

How secure is your ? Secure Primer Presented by 4Secur .com.
Lecture 2 Page 1 CS 236, Spring 2008 Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008.

Lecture 2 Page 1 CS 236, Spring 2008 Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008.
10/20/2009 Loomi Liao.  The problems  Some anti-phishing solutions  The Web Wallet solutions  The Web Wallet User Interface  User study  Discussion.

10/20/2009 Loomi Liao.  The problems  Some anti-phishing solutions  The Web Wallet solutions  The Web Wallet User Interface  User study  Discussion.
CANTINA: A Content-Based Approach to Detecting Phishing Web Sites Yue Zhang University of Pittsburgh Jason I. Hong, Lorrie F. Cranor Carnegie Mellon University.

CANTINA: A Content-Based Approach to Detecting Phishing Web Sites Yue Zhang University of Pittsburgh Jason I. Hong, Lorrie F. Cranor Carnegie Mellon University.
June 19, 2006TIPPI21 Web Wallet Preventing Phishing Attacks by Revealing User Intentions Rob Miller & Min Wu User Interface Design Group MIT CSAIL Joint.

June 19, 2006TIPPI21 Web Wallet Preventing Phishing Attacks by Revealing User Intentions Rob Miller & Min Wu User Interface Design Group MIT CSAIL Joint.
The Inconvenient Truth about Web Certificates Jean-Pierre Hubaux Joint work with N. Vratonjic, J. Freudiger and V. Bindschaedler Work presented at WEIS.

The Inconvenient Truth about Web Certificates Jean-Pierre Hubaux Joint work with N. Vratonjic, J. Freudiger and V. Bindschaedler Work presented at WEIS.
User studies. Why user studies? How do we know security and privacy solutions are really usable? Have to observe users! –you may be surprised by what.

User studies. Why user studies? How do we know security and privacy solutions are really usable? Have to observe users! –you may be surprised by what.
Towards Eradicating Phishing Attacks Stefan Saroiu University of Toronto.

Towards Eradicating Phishing Attacks Stefan Saroiu University of Toronto.
Spring 2008 www.umsl.edu/~iclabs. Definitions  Virus  A virus is a piece of computer code that attaches itself to a program or file so it can spread.

Spring Definitions  Virus  A virus is a piece of computer code that attaches itself to a program or file so it can spread.
CMU Usable Privacy and Security Laboratory Power Strips, Prophylactics, and Privacy, Oh My! Julia Gideon, Serge Egelman, Lorrie.

CMU Usable Privacy and Security Laboratory Power Strips, Prophylactics, and Privacy, Oh My! Julia Gideon, Serge Egelman, Lorrie.

Similar presentations

Ads by Google