Professional Documents
Culture Documents
Modules
The concept is an end-host based [1] anti-phishing algorithm, called the Link Guard, by
utilizing the generic characteristics of the hyperlinks in phishing attacks. The Link Guard
algorithm works as follows. In its main routine LinkGuard, it rst extracts the DNS names
from the actual and the visual links.
The Link Guard algorithm works as follows. In its main routine LinkGuard, it rst extracts the
DNS names from the actual and the visual links (lines 1 and 2). It then compares the actual
and visual DNS names, if these names are not the same, then it is phishing of category 1
(lines 3-5).If dotted decimal IP address is directly used in actual DNS, it is then a possible
phishing attack of category 2 (lines 6 and 7).If the actual link or the visual link is encoded.
(Categories 3 and 4), we rst decode the links, then recursively call Link Guard to return a
result (lines 8-13). When there is no destination information (DNS name or dotted IP
address) in the visual link (category 5), Link Guard calls Analyses to analyse the actual DNS
(lines 16 and 17). Link Guard therefore handles all the 5 categories of phishing attacks.
Analyses and the related subroutines are depicted in Figure 5.1. In Analyse DNS, if the
actual DNS name is contained in the blacklist, then we are sure that it is a phishing attack
(lines 18 and 19). Similarly, if the actual DNS is contained in the whitelist, it is therefore not
a phishing attack (lines 20 and 21). If the actual DNS is not contained in either whitelist or
blacklist, Pattern Matching is then invoked (line 22).
The similarity index between two strings are determined by calculating the minimal number
of changes (including insertion, deletion, or revision of a character in the string) needed to
transform a string to the other string. If the number of changes is 0, then the two strings are
identical; if the number of changes is small, then they are of high similarity; otherwise, they
are of low similarity.
SYSTEM DESIGN AND DEVELOPMENT
Data Flow Diagram
Data Flow Diagram (DFD) is a two-dimensional diagram that describes how data is processed
and transmitted in a system. The graphical depiction recognizes each source of data and how it
interacts with other data sources to reach a mutual output. In order to draft a data flow diagram
one must
Identify external inputs and outputs
Explain with graphics how these connections relate and what they result in.
Role of DFD:
It is a documentation support which is understood by both programmers and non-
programmers. As DFD postulates only what processes are accomplished not how they are
performed.
A physical DFD postulates where the data flows and who processes the data.
It permits analyst to isolate areas of interest in the organization and study them by
examining the data that enter the process and viewing how they are altered when they
leave.
E-banking phising
Admin User login
process
Login
use algorthim
DFD : user and Admin
User
check Url Process
User add Url to check URlcheck
login information Datatable
admin profile
Admin
information
Datatable