Provided by: Institute of Electrical & Electronic Engineers
Date Added: Nov 2008
Phishing detection systems are principally based on the analysis of data moving from phishers to victims. In this paper the authors describe a novel approach to detect phishing websites based on analysis of users' online behaviors - i.e., the websites users have visited, and the data users have submitted to those websites. Such user behaviors cannot be manipulated freely by attackers; detection based on those data can not only achieve high accuracy, but also is fundamentally resilient against changing deception methods.