

Preventive Techniques of Phishing Attacks in Networks

Conference Paper · April 2020


DOI: 10.1109/ICACS47775.2020.9055943


5 authors, including:

Muhammad Adil Rahim Khan


University at Buffalo, The State University of New York Abdul Wali Khan University Mardan

All content following this page was uploaded by Muhammad Adil on 08 April 2020.



Preventive Techniques of Phishing Attacks in Networks

Muhammad Adil, Dept. of Computer Science, Virtual University, Lahore, Pakistan, adilmuhammad46@yahoo.com
Rahim Khan, Dept. of Computer Science, Abdul Wali Khan University, Mardan, Pakistan, rahimkhan@awkum.edu.pk
M. Ahmad Nawaz Ul Ghani, Dept. of Software Engineering, University of Management and Technology, Lahore, Pakistan, nawaz.ghani.062@post.umt.edu.pk

978-1-7281-4235-7/20/$31.00 ©2020 IEEE

Abstract—The Internet is the most widely used technology in the current era of information technology and it is embedded in daily life activities. Due to its extensive use in everyday life, it has many applications such as social media (Facebook, WhatsApp, Messenger, etc.) and other online applications such as online businesses, e-counseling, advertisement on websites, e-banking, e-hunting websites, e-doctor appointment and e-doctor opinion. These applications of internet technology make things easy and accessible for people in limited time; however, this technology is vulnerable to various security threats. A vital and severe threat associated with this technology or a particular application is the “phishing attack”, which is used by attackers to usurp network security. Phishing attacks include fake e-mails, fake websites and fake applications, which are used to steal users' credentials or usurp their security. This paper gives a detailed overview of various phishing attacks, specifically their background, and of the solutions proposed in the literature to address these issues using various techniques such as anti-phishing, honeypots and firewalls. Moreover, it covers the installation of intrusion detection systems (IDS) and intrusion detection and prevention systems (IPS) in networks to allow only authentic traffic in an operational network. In this work, we have conducted an end-user awareness campaign to educate and train employees in order to minimize the occurrence probability of these attacks. The results observed for this survey were quite excellent in terms of effectiveness in addressing the aforementioned issues.

Index Terms—Network Security, Information security, Malware, Phishing, Spam, Social engineering, and Machine learning, Anti-Phishing

I. INTRODUCTION

Phishing is a type of social engineering attack in which end users or administrators are convinced through fake messages, emails, phone calls, etc., to give up their credential information [1]. Phishing is basically social engineering, used in internet technology to convince clients/end users and steal their personal information for misuse in different crimes. The concept of phishing is closely related to traditional “fishing”, because it is adopted from the fish troller's technique. In traditional fishing, the fish troller uses bait to catch fish in rivers. Similarly, in “phishing attacks” the intruder uses social engineering techniques in the network environment to convince end users to expose their personal credentials, and hijacks their security. Here, network environment means fake e-mail, fake websites, fake links, IP spoofing, MAC address spoofing, etc. A phishing attack leads end users to expose their credentials to intruders by convincing them to do something against network security, in order to hijack security parameters. The fake mails used by attackers to convince end users look just like legitimate email, with small changes. Emails with embedded hyperlinks are also used for this purpose, redirecting the victim to a malicious website to do something against the security policy of the organization and expose their credentials to intruders. Phishing attacks grow every day in the current technology world. Observation of the growth rate of such attacks, from their initial stage onward, shows a gradual increase with every passing day. Current statistics of phishing attacks show a continuous increase in their growth rate, due to the extensive use of internet technology in real-life activities. One of the most interesting examples of a phishing attack was made in March 2016 to hack the email account of John Podesta, chairman of the presidential election campaign of Hillary Clinton [2]. John Podesta received a phishing mail from a hacker in which he was directed through social engineering to open the attachment by means of a hyperlink (URL). The URL was not a secure link of the kind a legitimate application uses (https); he was then asked to change his password immediately. Once he changed the password of his account, the current credential of his account was exposed to the hacker, and later on he realized that his account had been hacked by an attacker. This was a simple example of a phishing attack, in which John Podesta was convinced through social engineering and his account was hacked. The phishing attacks report released by Wombat Security in 2018 [3] includes an analysis of the Verizon Enterprise Data Breach Investigations Report (DBIR), in which the DBIR analysed 67 contributing organizations to review security breaches by means of social engineering. The report collects data from the contributing organizations, which found 53,000 incidents and 2,216 confirmed breaches. The DBIR emphasizes the importance of end-user education, because an organization is more likely to be attacked by social engineering than through an actual
vulnerability. Another report, released by Proofpoint.com (Next generation cyber security) in the first quarter of 2018, showed a 20 % increase in phishing attacks compared to the 2017 report. The Proofpoint security experts found that 40 % of organizations were targeted by fake email; they received 10 to 50 fake emails on a daily basis [3]. The 2016 Proofpoint report showed ransomware (banking Trojans) as a top malware used to target clients by means of email. The second quarterly report of Aug 2018 by Proofpoint.com (Next generation cyber security) showed a 36 % increase over the first quarter report of 2018. Furthermore, the second quarter report showed that the rate of average customers compromised through fake emails increased by about 35 %. The current report represents a 26 % increase over the 2018 first quarter report and an 87 % increase over the last 2017 report [4]. The Proofpoint experts detected a 30 % increase in phishing links on social media. The latest report of phishing attacks shows a continuous increase in phishing attacks compared to 2016 and 2017. Infosec security professionals analysed different organizations for phishing attacks; they felt that the phishing threat of 2016 was lower in percentage than the current state of phishing attacks shown in the reports. The report released by Infosec security professionals with the Wombat Security organization showed the areas most impacted by phishing attacks in 2016/17 [8]. The following figure shows the analysis of the most used threats/attacks made in 2018 to hijack the security of end users.

Fig. 1. Wombat Security’s statistic report on phishing attacks, 2018

Figure 1 of the paper represents the statistical analysis of the Wombat report. The statistics were extracted during analysis of different security threats (malware infection, compromised accounts, Internet scamming, data breaches, etc.). Furthermore, the paper emphasizes the question of phishing attacks, with victim (computer user) vulnerability factors, to analyze the collection of current research studies and understand the vulnerabilities of victims falling for phishing attacks. The solution to the aforementioned vulnerabilities is mostly based on user knowledge rather than technology-based design. Moreover, end-user understanding can play a vital role in addressing the weakness of phishing victims and improving their security against the mentioned attacks. The rest of the paper is organized as follows. Section II overviews the related work, Section III contains the proposed methodologies, Section IV has a detailed analysis of the results of our scheme, and Section V concludes the discussion.

II. RELATED WORK

Phishing attacks are increasing due to online business, e-commerce websites and financial transactions in recent years. The new phishing techniques used by intruders to convince the computer user/victim include spear phishing, pharming phishing, tax scammers phishing, iterative campaigns phishing, sextortion scammers phishing, malicious email, deceptive phishing and zero day phishing attacks. The zero day phishing attack consists of e-mails that contain malware. The latest type of ransomware (malware), named WannaCry (WanaCryptor or WanaDecryptor), was first reported on 12 May 2017. Zero day attacks increased in 2018 compared to 2016/17 owing to their rate of success, according to the reports of [20].

Fig. 2. Detail overview of various phishing attacks based on its subcategories

Figure 2 of the paper gives a brief overview of various phishing attacks with their subcategories, and of the interconnected/embedded categories of these attacks, to elaborate the concept of phishing attacks more precisely. A hybridization approach is proposed by Chaker to extract information about malicious activities in the network [20]. Chaker uses pattern and extension information of websites to match and identify all sites that are looking for malicious activities. Phishing attacks can also be made through hyperlinked websites by altering the real web server address with small changes, to direct victim users to fake websites. This section of the paper describes the effective phishing attack methodologies.

A. Spear Phishing

These attacks target a specific user or organization, rather than a number of users and organizations.
This technique uses an e-mail spoofing attack (from trusted sources) to target the specific user or organization, convince them, and get access to the organization's information.

B. Pharming Phishing

The pharming phishing attack is very difficult to detect, because in this type of attack the intruder injects fake information into the organization's server (DNS) to redirect users to fraudulent websites. The fraudulent information is very similar to the organization's legitimate information, to convince the end user.

C. Tax Scammer’s phishing attacks

This is one of the latest phishing attacks, used by intruders in North Carolina, Illinois and New Jersey, where it was detected stealing tax professionals' information, as shown by the Internal Revenue Service (IRS) through the Barkly (Barkly blog) report [5]. All tax professionals were informed about this attack. In this type of attack the intruder pretends to be a state accounting professional and sends fake email to the tax holder to get them to disclose their account information and credentials; after stealing the personal information or account credentials, the intruder uses them for fraudulent tax returns.

D. Iterative campaigns phishing attacks with shortcut and web query files

This type of attack was used by intruders specifically against Windows 10 users, sending them email containing a .SettingContent-ms file. The file allows commands to be run against Windows Defender, which was restricted by Windows 10. Proofpoint first detected this campaign of phishing attacks in July 2018 and called it TA505, which sent thousands of attack emails to victims [18].

E. Sextortion Scammer’s phishing attacks

In this type of attack the intruder sends email to victim users telling them that the message contains a porn video to watch; the end user then tries to open the hyperlinks in the message to access the video, but at some stage the user is asked to log in to an account to watch the video. In this way, the intruder obtains the password of the victim user. Victim users of this type of phishing attack were observed by a security expert on 21 July 2018, and the report released by the Barkly blog showed an increase compared to 2016/17. The attackers made $500,000, thrice that of last year's WannaCry ransomware (malware) outbreak report [5].

F. Zero day phishing attacks

The zero day phishing attack exploits a vulnerability and nowadays affects internet users. The zero day attack is one of the effective tools used by attackers nowadays, because zero day attack data is not available until the attack is detected. These types of attacks are also used as targeted attacks [13]. The Symantec Research Lab showed in their article [5] that 18 identified vulnerabilities were exploited in the wild before their disclosure; 11 of them were new to employer from that of first zero day attack.

III. PROPOSED METHODOLOGIES

The solution proposed in the paper to address the issue of phishing attacks uses different technologies, with the additional step of educating the organization's employees by means of an awareness campaign, to address all the subcategories of phishing attacks mentioned in the previous section. The techniques chosen to combat phishing attacks are discussed in detail one by one with their advantages and disadvantages.

1. Detecting of phishing attacks through active and passive method
2. Detection and Preventing of Phishing attacks through IDS and IPS
3. Victim awareness/education campaign
4. Anti-Phishing server
5. Web server security toolbar
6. Anti-Phishing honey pots

Fig. 3. Detail overview of various phishing attacks techniques used in this paper

A. Detecting Phishing attacks

The attackers use skillful methods to reach the target victims via emails and websites. Detecting is the method used to identify these malicious sites and emails; some browsers have a self-defense feature against such attacks, detecting and reporting them to an administrator. The detection of such malicious activities is based on real-time traffic (active attacks). The passive indicator, on the other hand, doesn’t interrupt the user's current task to report malicious traffic immediately to the network administrator or the organization's IT expert team to take appropriate action against it [5]. The passive indicator is less effective, because the user most of the time ignores it or simply notices it. The active indicator is more effective in detecting malicious activities: it informs the end user about the malicious site and also takes appropriate action accordingly. Examples include Intrusion Detection System (IDS) devices, tools and software, which are used to detect malicious activity in the network, websites and servers. An IDS detects malicious sites, websites and traffic based on its installation and configuration. IDS has different types, such as Host Based IDS (HIDS) and Network
Based IDS (NIDS). A network-based IDS is used on the router side, configured to filter all traffic going through (IN/OUT) the network. The NIDS stops the traffic of websites, email servers and DNS servers by means of brand monitoring, behavior detection, security authentication and security events if it does not match the device's security authentication configuration. Furthermore, a network-based IDS is more effective and less expensive to use for large organizations. A host-based IDS is another effective way to detect, stop and restrict malicious activity on a specific host server as per its configuration, for example restricting emails by means of email analysis, websites by blacklist, and similar layouts by comparison. Host-based IDS are expensive, but more effective at protecting an individual server or host from phishing attacks.

B. Prevention of Phishing attack through IPS

Preventive phishing has great importance in phishing attacks, because this method not only detects malicious websites and email servers but also blocks the sites containing malicious information and reports them [5, 19]. Preventive phishing first carries out a verification of the sites before authorization, through machine learning, to verify the security parameters. Furthermore, it compares network traffic (IN/OUT) with its configuration (profile, signature match, etc.) to allow only legitimate information and to restrict the information, websites and email servers that do not match the defined parameters. An IPS has the ability to detect and stop traffic during the traffic analysis phase if it does not match its profile, signature or threshold value [9]. The phishing filter is another anti-phishing preventive technique, used to monitor malicious sites by filtering the traffic (IN/OUT) of the network [6, 21]. Preventive phishing also uses URLs with an IP address, attributes, the domain name and the link text to check each mail received against its internal configuration and verify the security standard; if there is any mismatch, or a similarity index with the blacklist information in its internal configuration, it stops them, logs them and reports them [9].

C. Victims awareness/education

The awareness campaign can also play a very important role in avoiding phishing attacks. Current awareness and education against phishing attacks is not sufficient, because most of the attacks seen in the above paragraphs and sections happened due to end-user negligence. Therefore, the effectiveness of awareness campaigns in preventing these attacks cannot be ignored. Most advanced phishing attacks, such as those shown in the article [7], have been addressed to a reasonable extent through an awareness campaign. Researchers are still working hard to familiarize victim users with anti-phishing methodologies such as games and other security awareness tools embedded in the server to familiarize end users with security threats. An example of phishing familiarization through a game is Anti-Phishing Phil, which teaches and helps the user to identify malicious URLs and other phishing scams [19]. The embedded server training program is another technique used as “anti-phishing”, to familiarize victims with phishing attack threats. This technique sends mock phishing mail to end users to make them aware of security threats, and also helps teach them how to avoid phishing attacks. In an example of this technique, mock emails were sent to end users, who were asked to open them; once they opened these phishing emails, they were shown a message that the link contained a fake website or malicious information. The mock phishing awareness campaign also increases end users' knowledge to protect against phishing attacks.

D. Anti-Phishing Client/Server based

Anti-phishing host-based and server-based defense techniques can minimize phishing attacks, due to their rigid protection nature. The anti-phishing server is external plug-in application software for the browser that is very effective in information flaws based solution, blacklist, etc. [10, 11]. Once the anti-phishing server is installed in the browser, the browser requests a user name and password for the new user. The password of the new user is stored in the browser, encrypted with the DES standard. This type of anti-phishing technique works very efficiently to protect victim users, because once they enter a malicious site, mail server or untrusted site, the browser generates a warning alert before any information is shared or sent from the victim's system. The anti-phishing server also plays an important role in protecting victims from security threats and attacks with a similar layout, because of its high detection rate. The similarity-layout anti-phishing server compares the “visual” similarity index of the web page and checks whether it is larger than the threshold level set in the anti-phishing server. Moreover, a phishing web page is a web page whose similarity index is greater than that of a legitimate web page. The statistics are shown in a report of malicious websites, and the end users are warned [12]. The document object model (DOM) is also used for anti-phishing in similarity layout to protect victim users.

Fig. 4. Detail overview of Anti-Phishing techniques used in client and server based authentication

E. Web server security toolbar

Web-server-based security toolbar defense includes protecting victims through the SSL (Secure Sockets Layer) and TLS
(Transport Layer Security) protocols, because most servers and web browsers support SSL and TLS [12]. SSL (Secure Sockets Layer) and TLS (Transport Layer Security) both use advanced public-key cryptographic protocols. The operation of TLS and SSL is based on the handshake, through which authentication between user and server is made.

Fig. 5. Brief handshake authentication between user and server

However, when the authentication/handshake process is completed, a secure channel is established between client and server to transfer data between them. A brief overview of the secure channel establishment is shown in the diagram below.

Fig. 6. Overview diagram, when the authentication phase is completed and communication flow takes place between client and server

HTTPS and IPSec are other protocols used to protect victims from phishing attacks [14]. IPSec (Internet Protocol security) uses the Authentication Header (AH) and Encapsulating Security Payload (ESP) for authentication and encryption of data. AH is used as the authentication protocol, while ESP is used as the authenticating and encrypting protocol, to provide a secure channel for communication between client and server and achieve authentication, confidentiality and data integrity, as discussed in the article [14]. The web server security toolkit is also very efficient against pharming phishing, because it encourages end users/customers to log in with the HTTPS protocol on desired sites to protect their login credentials and avoid phishing attacks.

F. Anti-Phishing Honeypots

The figure below represents the simulation diagram, where we have practically used honeypots as anti-phishing to overview the result statistics of the network.

Fig. 7. Overview diagram, when the authentication phase is completed and communication flow takes place between client and server

Anti-phishing honeypots are another widely used tool for protecting victims from more advanced phishing attacks, such as malware and worms. These tools are very effective at detecting emails and websites that contain phishing. Moreover, they report the sites that contain phishing to end users with an option of shutdown, before they do harm to the organization. Anti-phishing honeypots are very effective in e-commerce and financial institutes in the current internet technology era, because they detect malicious websites as an active tool to protect the organization's network, servers and customers from phishing attacks [15, 16]. Anti-phishing honeypots also play a vital role in forensic investigation, because they log all traffic that passes through them. Therefore, they are a very effective tool against phishing attacks to protect end users. Below are the two most important types of anti-phishing honeypots.

1. High interaction Honeypots
2. Low Interaction Honeypots

High interaction honeypots consist of real physical machines. They currently play a very important role in forensic investigation, because they keep log files of vulnerabilities and intruder attacks, which in most cases are helpful to reach the intruders and catch them. High interaction honeypots are very efficient tools against phishing attacks to protect the organization and minimize phishing attacks.

Low interaction anti-phishing honeypots emulate vulnerability-related Windows protocols (such as SMTP, FTP) targeted by malware. Low interaction honeypots are easy to implement, because of their simplicity and user-friendly interaction with virtual machines. Therefore, the research of this paper against phishing attacks emphasizes following anti-phishing honeypots to protect organizations and end users from phishing attacks.
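The per-mail link checks that Section III-B lists for an IPS or phishing filter (a URL with an IP address, the domain name, the link text and a blacklist comparison), together with the HTTPS expectation from Section III-E, can be implemented along the following lines. This is an added example, not code from the paper: the blacklist, the protected-domain list, the similarity threshold, the function names and the sample message are all assumptions constructed for illustration.

```python
import ipaddress
from difflib import SequenceMatcher
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumed policy data, constructed for this example (not taken from the paper).
BLACKLIST = {"account-verify.example"}   # hosts already reported as phishing
PROTECTED = {"mybank.example"}           # domains the organization really uses
SIMILARITY_THRESHOLD = 0.85              # assumed cut-off for look-alike names

class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs from an HTML mail body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(url):
    """Lower-cased hostname of a URL with any leading 'www.' removed, or ''."""
    host = (urlsplit(url).hostname or "").lower()
    return host[4:] if host.startswith("www.") else host

def is_ip_literal(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def lookalike_of(host):
    """Protected domain that `host` imitates with small changes, else None."""
    if any(host == d or host.endswith("." + d) for d in PROTECTED):
        return None  # a genuine host of a protected domain
    # Last two labels: a crude stand-in for a public-suffix lookup (assumption).
    base = ".".join(host.split(".")[-2:])
    for legit in sorted(PROTECTED):
        if SequenceMatcher(None, base, legit).ratio() >= SIMILARITY_THRESHOLD:
            return legit
    return None

def check_link(href, text):
    """Return the findings for one hyperlink; an empty list means no finding."""
    scheme = urlsplit(href).scheme.lower()
    if scheme not in ("http", "https"):
        return []  # mailto:, tel: and similar are out of scope here
    findings, host = [], host_of(href)
    if scheme == "http":
        findings.append("not-https")
    if is_ip_literal(host):
        findings.append("ip-literal-host")
    elif host in BLACKLIST:
        findings.append("blacklisted-host")
    elif lookalike_of(host):
        findings.append("lookalike:" + lookalike_of(host))
    # Link text that is itself a URL or domain must name the host the href uses.
    shown = text.strip()
    if shown and " " not in shown and "." in shown:
        claimed = host_of(shown if "://" in shown else "//" + shown)
        if claimed and claimed != host:
            findings.append("text-href-mismatch")
    return findings

def scan_message(raw):
    """Map each flagged href in the HTML parts of a raw message to its findings."""
    report = {}
    for part in message_from_string(raw).walk():
        if part.get_content_type() != "text/html":
            continue
        charset = part.get_content_charset() or "utf-8"
        collector = LinkCollector()
        collector.feed(part.get_payload(decode=True).decode(charset, "replace"))
        for href, text in collector.links:
            findings = check_link(href, text)
            if findings:
                report[href] = findings
    return report

# Constructed sample message; every address and host is a placeholder.
SAMPLE = """\
From: "IT Support" <support@mybank.example>
Subject: Password expires today
Content-Type: text/html; charset="utf-8"

<p>Reset at <a href="http://192.0.2.10/reset">https://www.mybank.example/reset</a></p>
<p><a href="https://rnybank.example/login">Sign in</a></p>
<p><a href="https://account-verify.example/">Update account</a></p>
<p><a href="https://www.mybank.example/help">Help centre</a></p>
"""
```

Calling `scan_message(SAMPLE)` flags the first three links and leaves the genuine help link unreported; a filter of the kind the paper describes would stop, log and report a message on any finding.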
IV. EXPERIMENT ANALYSIS RESULTS

The result analysis is made on the basis of the different techniques adopted in this research to prevent phishing attacks. IDS and IPS equipment are installed in the Cisco Packet Tracer simulation tool with a designated network. The security tools mentioned earlier in the paper were attached on both sides of the network (server and client side, with declaration of some websites, IP addresses and MAC addresses) to detect different types of attacks based on IP spoofing, MAC address spoofing and web browser attack. The results extracted during simulation showed a clear difference between the attack success ratio before and after installation of the mentioned devices. The result is compared, in %, on the basis of attacks launched before and after installation of IDS and IPS (in the simulated environment). The attacks launched before the installation of IDS and IPS on the network were through IP spoofing, websites and MAC address spoofing to access the network; the result observed from the simulation tool showed a compromised network when an ICMP ping request was sent from the intruder PC via MAC address spoofing as well as IP spoofing. The same attacks were launched after the installation of IDS and IPS, where the IP and MAC addresses are specified for communication in the network, along with blocking the same IP address and MAC address in the access control list of the IDS and IPS. The results were found to be more effective and attractive compared with the previous results, before the installation of the aforementioned tools. The detailed result analysis graph is shown below in figure 8.

Fig. 8. Statistic diagram of Phishing attacks after installation of proposed devices

The experiment was continued, but this time the result analysis was for the victim awareness campaign. A cloth industry organization was chosen for this purpose at (Sawabi) to compare the results of the social engineering phishing technique. A phone call was made to employees of different departments in the organization, with the caller pretending to be the CEO of the organization and asking for the password of an individual computer system in the organization. 60 % of the employees shared their password at the first attempt without knowing anything further about the CEO, 15 % were hesitant to share their credentials, and the other 25 % of employees were found to have sufficient knowledge about their trade job and about sharing personal credentials. The detailed analysis is shown in figure 9 of the paper.

Fig. 9. Detail analysis of social engineering attacks, which was observed during assessment for our proposed scheme

However, the same statistic was taken after an awareness campaign, in which employees of the said organization were briefed about internal and external security threats through a lecture program at different departments. The lecture programs were arranged continuously for a couple of weeks to understand the basic security threats in the same organization. The concepts of intranet and internet, with their advantages and disadvantages, were clarified in the light of existing real-world threats. The assessment was arranged after six months, and the same social engineering technique was used with a different idea, the caller pretending to be the bank manager of the local branch. The employees were asked to share their account information for the sake of extra salary from their organization (bonus payment); only 3 % of employees shared their credentials, 1 % were hesitant, and the rest were found to be excellent, with sufficient knowledge about social engineering threats. The graph of figure 10 represents the statistical analysis results after the education campaign. Moreover, the comparison is further categorized in the analysis of different phishing preventive techniques. Table 1 represents the overall comparison analysis of the proposed anti-phishing techniques with their effectiveness ratio for the different types of phishing attacks.

Table I of the paper briefly overviews various schemes and their effective role in the prevention of phishing attacks. Moreover,
the analysis of all mentioned schemes is made on the basis of advantages and disadvantages, to verify their implementation suitability in the network as well as in the social environment (application of networks).

Fig. 10. Statistical analysis of phishing attacks after education campaign

TABLE I
DETAIL ANALYSIS OF DIFFERENT SCHEMES, WHILE PREVENTING PHISHING ATTACKS WITH ITS ADVANTAGES AND DISADVANTAGES

| Technique Name | Description | Advantage | Limitation |
|---|---|---|---|
| Computer based training | Tool, application software and system | This type of training is easy and accurate | Very expensive, limited by lack of system knowledge |
| Tool to filter | Anti-phishing tools such as Microsoft filter and web senser | They can block malicious sites | Very expensive tool, not very efficient for internal attackers and lack human knowledge |
| Human base | Awareness campaign of end users or clients | Minimize attacks up to great extent by educating end user with phishing attacks types and harming | Trust tendency, relative human decision, greed and with emotional human influence |
| Scanning and alerting software | Anti-scams, anti-virus and anti-spams | Scanning the websites efficiently, alert about harm efficiently and act as strong security product | They are ignored by humans once they receive the alert |

V. CONCLUSION

Phishing attacks started in the 90s to steal personal information, credential information, credit card information and online transaction credentials of victim users. The emphasis of this paper is on the end-user security of clients and networks. Some anti-phishing techniques are discussed in detail to resolve the aforesaid attacks. We have also discussed some phishing attacks made through social engineering, such as e-commerce, financial transactions and fake mails. Social engineering phishing always uses a more efficient way to convince the victims. The paper proposed a solution of installing IDS and IPS in the network, and also launching an awareness campaign to educate the end users of the network (organization employees, to deny social engineering phishing attacks). Internet technology is one of the prepared media used by attackers in phishing attacks, which basically affect the impressive structure of organizations such as e-commerce, online shopping, online banking and other online businesses. These attacks can be avoided by the use of phishing detection devices, tools, applications and software. The survey of this paper will help users to understand the history and the different techniques used by intruders to launch phishing, and will also help them with the latest solutions offered to prevent these attacks and safeguard end users and organizations.

ACKNOWLEDGMENT

This work is supported by Higher Education Commission of Pakistan and Department of Computer Science, Virtual University of Pakistan, Lahore.

REFERENCES

[1] Watson, D., Holz, T., & Mueller, S. (2005). Know your enemy: Phishing. The Honeynet Project & Research Alliance.

[2] Krieg, G. and Kopan, T. 2016. CNN News, Is this the email that hacked John Podesta’s account?, Available at: http://edition.cnn.com/2016/10/28/politics/phishing-email-hack-john-podesta-hillary-clinton-wikileaks/ (Accessed 19 November 2016).

[3] Wombat (2018). State of the Phish. Available online at: https://info.wombatsecurity.com/state-of-the-phish

[4] Proofpoint: Leader in advance cyber security; https://www.proofpoint.com/sites/default/files/pfpt-us-tr-q118-quarterly-threat-report.pdf

[5] Proofpoint: Leader in advance cyber security; https://www.proofpoint.com/sites/default/files/pfpt-us-tr-q218-quarterly-threat-report.pdf

[6] Barkly blog: https://blog.barkly.com/phishing-attacks-campaigns-2018

[7] J. S. Downs, et al., “Behavioural response to phishing risk,” presented at the Proc. anti-phishing working groups 2nd annual eCrime researchers summit, ACM Conf, Pittsburgh, Pennsylvania, 2007, pp. 37-44.

[8] P. Kumaraguru, Y. Rhee, A. Acquisti, L. F. Cranor, J. Hong, “Protecting People from Phishing: the design and evaluation of an embedded training email system,” Proceedings of the SIGCHI conference on Human Factors in Computing Systems, ACM (2007), pp. 905-914.

[9] Tripwire.com security organization, https://www.tripwire.com/state-of-security/security-data-protection/three-quarters-organizations-experienced-phishing-attacks-2017-report-uncovers/

[10] Gunter Ollmann. The Phishing Guide - Understanding and Preventing Phishing Attacks. White Paper, Next Generation Security Software Ltd., 2004.

[11] Angelo P. E. Rosiello, Engin Kirda, Christopher Kruegel, and Fabrizio Ferrandi, “A layout similarity-based-approach for detecting Phishing pages,” IEEE International conference on security and privacy in communication network. France, 2007.

[12] Christian Ludl, Sean McAllister, Engin Kirda and Christopher Kruegel, “On effectiveness of techniques to Detect Phishing sites,” Detection of intrusion and Malware and vulnerability Assessment (DIMVA) 2007 conference, Lucerne, Switzerland, July 2007.

[13] Dierks T, Rescorla E. The transport layer security (TLS) protocol version 1.1, internet request for comment (RFC) number 4346; April 2006.

[14] N. Ferguson and B. Schneier, “A cryptographic evaluation of IPsec.” Unpublished manuscript available from http://www.schneier.com/paper-ipsec.html, Feb. 1999.

[15] S. Chauhan, S. Shiwani, A honeypots based anti-phishing framework, in 2014 International Conference on Control, Instrumentation, Communication and Computational Technologies (ICCICCT) (IEEE, 2014), pp. 618–625.

[16] H. Ulusoy, M. Kantarcioglu, B. Thuraisingham, L. Khan, Honeypot based unauthorized data access detection in mapreduce systems, in 2015 IEEE International Conference on Intelligence and Security Informatics (ISI) (IEEE, 2015), pp. 126–131.

[17] https://www.wombatsecurity.com/blog/phishing-pretexting-and-data-breaches-verizons-2018-dbir

[18] J. Chen and C. Guo, “Online detection and prevention of phishing attacks,” in Proc. Fifth Mexican International Conference in Computer Science, IEEE Conf, 2006, pp. 1-7.

[19] Gunter Ollmann, “The Phishing Guide - Understanding & Preventing Phishing Attacks,” IBM Internet Security Systems, 2004.

[20] Black stratus security organization report; https://www.blackstratus.com/ultimate-guide-zero-day-attacks/

[21] M. Jakobsson, “Modelling and Preventing Phishing Attacks,” Financial Cryptography, 5 (2005).

[22] Chaker, T. R. (2019). MALICIOUS WEB BROWSER EXTENSION DETECTOR (Doctoral dissertation, UNIVERSITY’S MOHAMED BOUDIAF OF M’SILA Faculty of Mathematics and computer sciences-DEPARTMENT: Computer Science-BRANCH: Computer Science OPTION: RTIC).
