VBEx: A Browser Plug-In To Prevent DNS Based Phishing Attacks
Published: 2013
Author(s) Name: Swapan Purkait, S.K. De |
Author(s) Affiliation: Vinod Gupta School of Management, Indian Institute of Technology, Kharagpur, India.
Locked
Subscribed
Available for All
Abstract
Phishing has grown significantly in last decades or so,
becoming the most common web threat today. To mitigate
the widespread problem of phishing on the Internet, almost
all modern day web browsers provide security indicators.
Detecting and identifying any phishing websites in realtime,
particularly for e-banking, is really a complex and
dynamic problem involving many factors and criteria. This
work is the extension of our earlier work on Virtual
Browser (VB) (Purkait, 2012). In this study we propose
Virtual Browser Extension (VBEx) a web browser plug-in,
which checks for the authoritative name server and verifies
the same for a visiting website. In addition to that it
maintains a white list of websites that engage in online
monetary transactions so that when a user requires
accessing any of these, the default protocol should always
be HTTPS, failing which it will prevent the web browser to
load the requested website. We conducted series of lab test
on the VBEx prototype and found that the VBEx is a
promising approach.
Keywords: Phishing; Virtual Browser extension; Phishing countermeasures; Security indicators; Phishing toolbars
View PDF