An Intelligent System for Phish Detection, using Dynamic Analysis and Template Matching
Phishing, or stealing of sensitive information on the
web, has dealt a major blow to Internet Security in recent times. Most
of the existing anti-phishing solutions fail to handle the fuzziness
involved in phish detection, thus leading to a large number of false
positives. This fuzziness is attributed to the use of highly flexible and
at the same time, highly ambiguous HTML language. We introduce a
new perspective against phishing, that tries to systematically prove,
whether a given page is phished or not, using the corresponding
original page as the basis of the comparison. It analyzes the layout of
the pages under consideration to determine the percentage distortion
between them, indicative of any form of malicious alteration. The
system design represents an intelligent system, employing dynamic
assessment which accurately identifies brand new phishing attacks
and will prove effective in reducing the number of false positives.
This framework could potentially be used as a knowledge base, in
educating the internet users against phishing.
 David Watson, Thorsten Holz and Sven Mueller, -"Know your enemy:
Phishing, behind the scenes of Phishing attacks", The Honeynet Project
& Research Alliance.
 Rachna Dhamija, J. D. Tygar, Marti Hearst - "Why Phishing works"
 HTML element - wikipedia
 Anti Phishing Working Group - Phishing Activity Trends Report -
September, October 2006, and September 2007.
 Levenstein, A., Binary codes capable of correcting deletions, insertions,
and reversals. Soviet Physics Doklady 10 (1966):707-710
 Jie Zou, Daniel Le and George R. Thoma "Combining DOM tree and
geometric layout analysis for onine medical journal article
segmentation", National Library of Medicine.
 Steven Abney - "Parts Of Speech Tagging (POS) and Partial Parsing",
 Dino Esposito, "Browser helper Objects: The Browser the Way You
Want It", Microsoft-Corporation http://msdn2.microsoft.com/enus/
 Min Wu, Robert C. Miller and Greg Little - "Web Wallet: Preventing
Phishing attacks by revealing user intentions", MIT Computer Science
and Artificial Intelligence Lab.
 Jonathan Zdziarski, Weilai Yang and Paul Judge - "Approaches to
Phishing identification using match and probabilistic digital
fingerprinting techniques.", CipherTrust, Inc.
 Suhit Gupta, Gail Kaiser, David Neistadt and Peter Grimm - "DOMbased
Content Extraction of HTML Documents".
 Tod Beardsley - "Phishing detection and prevention: practical counterfraud
 Min Wu, Robert C. Miller, Simson L. Garfinkel - "Do security toolbars
actually prevent Phishing attacks?", MIT Computer Science and
Artificial Intelligence Lab.
 Lorrie Cranor, Serge Egelman, Jason Hong, and Yue Zhang - "Phinding
Phish: An evaluation of anti-Phishing toolbars", CyLab, Carnegie
 Sujata Garera, Niels Provos, Monica Chew and Aviel D. Rubin - "A
framework for eetection and measurement of Phishing attacks".
 http://www.gartner.com/it/page.jsp? id=5 65125
 The Zero-Day Attack, PC magazine,
 False positives : Type I and type II errors, wikipedia -
 Content Distribution Network, Wikipedia -