Auto Phishing Detector (APD.3), my graduation project, is an anti-phishing solution which automatically detects phished websites and alerts the user instantly. Used C/++, PHP, JS, client-server approach, cryptography and BackTrack OS. Auto Phishing Detector got chosen as the second top innovative project in GITEX – Student Lab across the Middle East, Africa and South Asia and first in UAE.
Current anti-phishing techniques are closely related to the concept of the life-cycle of a phishing campaign as shown by Mahoud. They are divided into two main phases: a detection phase followed by an action or reply phase. Our approach belongs to the first type, i.e., detection. It aims at safeguarding the end-user from being the victim of a phishing attack. We propose a software-based tool box for preventing phishing. This tool box has been built with the following objectives:
- Use Black lists and white lists as a first filtering step. But we keep in mind they are not the primary mean of defense against phishing.
- Minimize the risk of zero-hour attacks by
- Preventing users to accessing existing but non-reported phishing sites by well-known web sites reporting phishing.
- Preventing also user of being victims of lesser known phishing sites due to their geographic locations, which can be reported less often but still are very harmful.
- Use artificial intelligence to build heuristics the analyse the following attributes of a web page.
- Once a phishing site is detected, it is added to our own blacklist that enrich the traditional blacklists
Minimize the overhead incurred by the application so that end-users are not penalized in terms of response time.
For more information about the project, read Auto Phishing Detector Brochure.
Auto Phishing Detector in News: