Reference : Proactive Discovery of Phishing Related Domain Names
Scientific congresses, symposiums and conference proceedings : Paper published in a book
Engineering, computing & technology : Computer science
http://hdl.handle.net/10993/13063
Proactive Discovery of Phishing Related Domain Names
English
Marchal, Samuel mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
François, Jérôme mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
State, Radu mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Engel, Thomas mailto [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) >]
Sep-2012
Proceedings of the 15th International Symposium on Research in Attacks, Intrusions and Defenses, Amsterdam 12-14 September 2012
Springer Berlin Heidelberg
190-209
Yes
No
International
978-3-642-33337-8
RAID 2012
12-14 September 2012
Vrije Universiteit
Amsterdam
The Netherlands
[en] phishing ; blacklisting ; DNS probing ; natural language
[en] Phishing is an important security issue to the Internet, which has a significant economic impact. The main solution to counteract this threat is currently reactive blacklisting; however, as phishing attacks are mainly performed over short periods of time, reactive methods are too slow. As a result, new approaches to early identify malicious websites are needed. In this paper a new proactive discovery of phishing related domain names is introduced. We mainly focus on the automated detec- tion of possible domain registrations for malicious activities. We leverage techniques coming from natural language modelling in order to build pro- active blacklists. The entries in this list are built using language models and vocabularies encountered in phishing related activities - “secure”, “banking”, brand names, etc. Once a pro-active blacklist is created, ongoing and daily monitoring of only these domains can lead to the efficient detection of phishing web sites.
Interdisciplinary Centre for Security, Reliability and Trust
Researchers ; Professionals ; Students
http://hdl.handle.net/10993/13063
10.1007/978-3-642-33338-5_10

File(s) associated to this reference

Fulltext file(s):

FileCommentaryVersionSizeAccess
Open access
raid-2012.pdfNo commentaryAuthor postprint718.38 kBView/Open

Additional material(s):

File Commentary Size Access
Open access
presentation_short.pdf2.05 MBView/Open

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.