PHAD- A Phishing Avoidance and Detection Tool Using Invisible Digital Watermarking - PowerPoint PPT Presentation

Loading...

PPT – PHAD- A Phishing Avoidance and Detection Tool Using Invisible Digital Watermarking PowerPoint presentation | free to download - id: 7a6d55-MzU3N



Loading


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation
Title:

PHAD- A Phishing Avoidance and Detection Tool Using Invisible Digital Watermarking

Description:

PHAD- A Phishing Avoidance and Detection Tool Using Invisible Digital Watermarking By Sonali Batra Web 2.0 Security and Privacy 2014 Web 2.0 Security and Privacy 2014 ... – PowerPoint PPT presentation

Number of Views:9
Avg rating:3.0/5.0
Slides: 13
Provided by: w2s1
Learn more at: http://w2spconf.com
Category:

less

Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: PHAD- A Phishing Avoidance and Detection Tool Using Invisible Digital Watermarking


1
PHAD- A Phishing Avoidance and Detection Tool
Using Invisible Digital Watermarking
By Sonali Batra
Web 2.0 Security and Privacy 2014
2
What is Phishing Phishing Trends
  • A form of social engineering
  • Phishers send fake site's url in spam mail
  • A huge problem!
  • Number of unique phishing sites in Sept 2013
    alone 45,115 ( 56.22 contain some form of
    target name in url)
  • Number of unique phishing email reports received
    by APWG - 56,767

Web 2.0 Security and Privacy 2014
3
PHAD A Phishing Avoidance and Detection Tool
  • Downloadable extension to Firefox browser.
  • Uses invisible digital watermarking.
  • Uses uniqueness of domain name of website.
  • Uses robust digital watermarking.
  • Implemented using Outguess a universal
    steganographic tool.
  • Based on observation that some phishers copy
    content of legitimate sites like source code and
    images to use in fake site.

Web 2.0 Security and Privacy 2014
4
Working of PHAD
  • Companies invisibly watermark their logo images
    with the domain names of their websites.
  • When phisher copies the image, the watermark
    travels along with it.
  • Browser on client side detects watermark and
    compares to domain name.
  • If both match, website is legitimate else website
    is phished.

Web 2.0 Security and Privacy 2014
5
Related Work
  • Huajun Huang, Yaojun wang, Lili Xie and Liqing
    Jiang.An Active Anti-phishing Solution Based on
    Semi- fragile Watermark.
  • Watermark concatenation of domain name and other
    parameters into source code of website by equal
    tag method.
  • Can easily be reversed if phisher is aware of
    scheme.

Web 2.0 Security and Privacy 2014
6
Disclaimer
  • PHAD is intended to serve only as a first defense
    and not as a complete filter.
  • Artistic hackers having plenty of time on their
    hands could make a similar looking logo.
  • If a phisher has access to the client watermark
    detection software, a phisher could observe it to
    remove watermark. Then re-watermark image.
  • No known software exists to automate this yet.
  • PHAD significantly increases effort required by
    phisher.

Web 2.0 Security and Privacy 2014
7
A Few Questions
  • What if phisher takes screenshot or photograph of
    image? - watermark shall persist across
    screenshots and good quality photographs
  • What if a company has multiple domain names? Eg
    google.in and google.us We shall watermark all
    the domain names into the image. The client
    checks if at least one matches the extracted
    watermark.
  • What if a company has multiple logos? - All
    domain names watermarked in all logos.

Web 2.0 Security and Privacy 2014
8
A Few Questions
  • What if a website wants to embed logo of another
    company in its webpage? eg. CNN runs a story on
    Google or Facebook.
  • Multiple images allowed on page.
  • Company having highest ratio of images compared
    to domain name.

Web 2.0 Security and Privacy 2014
9
A Few Questions
  • What if a website has two or more watermarked
    images? - The company having the highest ratio
    shall be compared to domain name.
  • Instead, if both of images were to be compared,
    PHAD would fail. This is because attacker could
    put original image with watermark of company and
    her own image with her own fake site's watermark
    (which would match domain name of fake site)

Web 2.0 Security and Privacy 2014
10
A Few Questions
  • How is this better than using Https?
  • Users are not aware that url should be preceded
    by https instead of http.
  • No single point of failure.
  • Https can be used as added security measure along
    with PHAD.

Web 2.0 Security and Privacy 2014
11
Future Work
  • Implement scheme for other browsers and other
    operating systems instead just firefox and
    linux.
  • Audit top 20 banks and top 100 websites to see if
    they would be able to use this approach or not.
  • Conduct a 'Wizard of Oz' study to demonstrate
    that users like and understand the approach.

Web 2.0 Security and Privacy 2014
12
Questions???
Web 2.0 Security and Privacy 2014
About PowerShow.com