Today, there is an exponential growth of e-services requiring the exchange of personal and sensible data over the Internet. Phishing techniques are emerging as the easiest solution to break the weakest link of the security chain: the end user. Social engineering attacks are deployed by financial/cyber criminals at a very low cost to induce naïve Internet users to reveal user credentials such as bank account and credit card numbers. This problem needs to be addressed in the mobile field as well, due to the large diffusion of mobile devices such as smartphones, tablet, etc. In this paper we propose a novel framework for phishing detection in Android mobile devices which, on the one hand exploits well-known techniques already implemented by popular web browsers plug-in, such as public blacklist search, and, on the other hand, implements a machine learning detection engine which ensure zero-hour protection from new phishing campaigns.
MP-shield: A framework for phishing detection in mobile devices / Bottazzi, G.; Casalicchio, Emiliano; Cingolani, Davide; Marturana, F.; Piu, M.. - STAMPA. - (2015), pp. 1977-1983. (Intervento presentato al convegno 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015 tenutosi a Liverpool; United Kingdom; 26 October 2015 through 28 October 2015; Category numberE5644; Code 118896 nel 2015) [10.1109/CIT/IUCC/DASC/PICOM.2015.293].
MP-shield: A framework for phishing detection in mobile devices
CASALICCHIO, EMILIANO;CINGOLANI, DAVIDE;
2015
Abstract
Today, there is an exponential growth of e-services requiring the exchange of personal and sensible data over the Internet. Phishing techniques are emerging as the easiest solution to break the weakest link of the security chain: the end user. Social engineering attacks are deployed by financial/cyber criminals at a very low cost to induce naïve Internet users to reveal user credentials such as bank account and credit card numbers. This problem needs to be addressed in the mobile field as well, due to the large diffusion of mobile devices such as smartphones, tablet, etc. In this paper we propose a novel framework for phishing detection in Android mobile devices which, on the one hand exploits well-known techniques already implemented by popular web browsers plug-in, such as public blacklist search, and, on the other hand, implements a machine learning detection engine which ensure zero-hour protection from new phishing campaigns.| File | Dimensione | Formato | |
|---|---|---|---|
|
Bottazzi_MP-Shield_2015.pdf
solo gestori archivio
Tipologia:
Versione editoriale (versione pubblicata con il layout dell'editore)
Licenza:
Tutti i diritti riservati (All rights reserved)
Dimensione
345.1 kB
Formato
Adobe PDF
|
345.1 kB | Adobe PDF | Contatta l'autore |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
