Phishing e-mail filtering mechanism using heuristic technique

Abstract

Phishing is a new type of network attack where the attacker creates a replica of an existing Web page to fool users (e.g., by using specially designed e-mails or instant messages) into submitting personal, financial, or password data to what they think is their service provides’ Web site. In this research paper, I proposed a novel method to phishing email filtering by the use of end-host based anti-phishing algorithm, which is call Link Guard and content based filtering by the use of knowledge discovery by utilizing the generic characteristics of the hyperlinks in phishing attacks. These characteristics are derived by analyzing the phishing data archive provided by the Anti-Phishing Working Group (APWG). Because it is based on the generic characteristics of phishing attacks, Link Guard can detect not only known but also unknown phishing attacks. Our experimental analysis verified that Link Guard is effective to detect and prevent both known and unknown phishing attacks with minimal false negatives. This research also showed that Link Guard is light weighted and can detect and prevent phishing attacks in real time.