Link Guard Algorithm and Methods to Enhance Web Security Against Phishing Attacks

Last Updated: 19 Apr 2023
Pages: 3 Views: 219
Table of contents

Abstract

Phishing is a new type of network attack where the attacker creates accurate copy of an existing web page to fool users ex submitting personal, financial, or password data to what they think is their service provider’s website. The concept is an anti-phishing algorithm, called the Link Guard, by utilizing the generic characteristics of the hyperlinks in phishing attacks. The link Guard algorithm is the concept for finding the phishing emails sent by the phisher to grasp the information of the end user.

Link Guard is based on the careful analysis of the characteristics of phishing hyperlinks. Each end user is implemented with Link Guard algorithm.

Order custom essay Link Guard Algorithm and Methods to Enhance Web Security Against Phishing Attacks with free plagiarism report

feat icon 450+ experts on 30 subjects feat icon Starting from 3 hours delivery
Get Essay Help

Existing System

  • Detect and block the phishing Web sites in time: If we can detect the phishing Web sites in time, we then can block the sites and prevent phishing attacks. But it's difficult to find those phishing sites out in time. There are two methods for phishing site detection.
  • The Web master of a legal Web site periodically scans the root DNS for suspicious sites.
  • Since the phisher must duplicate the content of the target site, he must use tools to (automatically) download the Web pages from the target site. It is therefore possible to detect this kind of download at the Web server and trace back to the phisher.

Drawbacks

Many phishing attacks simply do not require a DNS name. For phishing download detection, clever phishers may easily write tools 2) Enhance the security of the web sites: The business Websites such as the Web sites of banks can take new methods to guarantee the security of users' personal information.

There two method to enhance the security

  • Using hardware devices: For example, a hand-held card reader
  • Biometrics characteristic: e. g. voice, fingerprint, iris, etc.

Drawbacks

All these techniques need additional hardware and also will increase the cost. Therefore, it still needs time for these techniques to be widely adopted. Block the phishing e-mails by various spam filters: The phishers hide their identities when sending the spoofed e-mails, therefore, if anti-spam systems can determine whether an e-mail is sent by the announced sender the phishing attacks will be decreased dramatically.

The techniques that preventing senders from counterfeiting their Send ID (e. g. SIDF of Microsoft) can defeat phishing attacks efficiently. SIDF is a combination of Microsoft's Caller ID for E-mail and the SPF (Sender Policy Framework). Both Caller ID and SPF check e-mail sender's domain name to verify if the e-mail is sent from a server that is authorized to send e-mails of that domain and from that to determine whether that e-mail use spoofed e-mail address. If it's faked, the Internet service provider can then determine that e-mail is a spam e-mail.

The spoofed e-mails used by phishers are one type of spam e-mails. the spam filters can also be used to filter those phishing e-mails. Spam filters are designed for general spam e-mails and may not very suitable for filtering phishing e-mails since they generally do not consider the specific characteristics of phishing attacks.

Install online anti-phishing software in user’s computers: Despite all the above efforts, it is still possible for the users to visit the spoofed Web sites. As a last defense, users can install anti-phishing tools in their computers.

The anti-phishing tools in use today can be divided into two categories: blacklist/white list based and rule-based.

  • When a user visits a Web site, the antiphishing tool searches the address of that site in a blacklist stored in the database. If the visited site is on the list, the anti-phishing tool then warns the users . They cannot prevent the attacks from the newly emerged (unknown) phishing sites.
  • Uses certain rules in their software, and checks the security of a Web site according to these rules.

LinkGuard works by analyzing the differences between the visual link and the actual link. It also calculates the similarities of a URI with a known trusted site: It includes two parts: a whook. dll dynamic library and a LinkGuard executive. Whook is a dynamic link library; it is dynamically loaded into the address spaces of the executing processes by the operating system. Whook is responsible for collecting data, such as the called links and visual links, the user input URLs. LinkGuard is the key component of the implementation.

It’s composed of 5 parts Comm: This collects the information of the input process, and sends these related information’s to the Analyzer. Database: Store the white list, blacklist, and the user input URLs. Analyzer: It is the key component of Link Guard, which implements the Link Guard algorithm; it uses data provided by Comm and Database, and sends the results to the Alert and Logger modules.

Alerter

When receiving a warning message from Analyzer, it shows the related information to alert the users and send back the reactions of the user back to the Analyzer.

Cite this Page

Link Guard Algorithm and Methods to Enhance Web Security Against Phishing Attacks. (2018, Sep 07). Retrieved from https://phdessay.com/antiphishing/

Don't let plagiarism ruin your grade

Run a free check or have your essay done for you

plagiarism ruin image

We use cookies to give you the best experience possible. By continuing we’ll assume you’re on board with our cookie policy

Save time and let our verified experts help you.

Hire writer