Paper published in a book (Scientific congresses, symposiums and conference proceedings)
Proactive Discovery of Phishing Related Domain Names
MARCHAL, Samuel; FRANÇOIS, Jérôme; STATE, Radu et al.
2012In Proceedings of the 15th International Symposium on Research in Attacks, Intrusions and Defenses, Amsterdam 12-14 September 2012
Peer reviewed
 

Files


Full Text
raid-2012.pdf
Author postprint (735.63 kB)
Download
Annexes
presentation_short.pdf
(2.1 MB)
Download

All documents in ORBilu are protected by a user license.

Send to



Details



Keywords :
phishing; blacklisting; DNS probing; natural language
Abstract :
[en] Phishing is an important security issue to the Internet, which has a significant economic impact. The main solution to counteract this threat is currently reactive blacklisting; however, as phishing attacks are mainly performed over short periods of time, reactive methods are too slow. As a result, new approaches to early identify malicious websites are needed. In this paper a new proactive discovery of phishing related domain names is introduced. We mainly focus on the automated detec- tion of possible domain registrations for malicious activities. We leverage techniques coming from natural language modelling in order to build pro- active blacklists. The entries in this list are built using language models and vocabularies encountered in phishing related activities - “secure”, “banking”, brand names, etc. Once a pro-active blacklist is created, ongoing and daily monitoring of only these domains can lead to the efficient detection of phishing web sites.
Research center :
Interdisciplinary Centre for Security, Reliability and Trust
Disciplines :
Computer science
Identifiers :
UNILU:UL-CONFERENCE-2012-290
Author, co-author :
MARCHAL, Samuel ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
FRANÇOIS, Jérôme ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
STATE, Radu  ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
ENGEL, Thomas ;  University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)
Language :
English
Title :
Proactive Discovery of Phishing Related Domain Names
Publication date :
September 2012
Event name :
RAID 2012
Event organizer :
Vrije Universiteit
Event place :
Amsterdam, Netherlands
Event date :
12-14 September 2012
Audience :
International
Main work title :
Proceedings of the 15th International Symposium on Research in Attacks, Intrusions and Defenses, Amsterdam 12-14 September 2012
Publisher :
Springer Berlin Heidelberg
ISBN/EAN :
978-3-642-33337-8
Pages :
190-209
Peer reviewed :
Peer reviewed
Available on ORBilu :
since 13 December 2013

Statistics


Number of views
123 (2 by Unilu)
Number of downloads
819 (1 by Unilu)

Scopus citations®
 
38
Scopus citations®
without self-citations
33
OpenCitations
 
20

Bibliography


Similar publications



Contact ORBilu