AN ANTI-PHISHING MODEL FOR ECOMMERCE UNDER A NETWORK ENVIRONMENT

Yifei Cheng, Gen Li

Abstract

It is a complicated problem to detect the ecommerce phishing websites in real time. The detection is affected by a lot of factors which are indistinct and correlative. Therefore, fuzzy classification tools can translate the phishing websites details into crisp numbers which could be understood by human. In this paper, we proposed a model which includes six standards and twenty seven elements with fuzzy data mining method to detect and assess the ecommerce phishing risk rate. Although lack of the specific data to do experiment to check the validity, it is a good start to focus on the ecommerce security.

References

  1. Adida, B., Hohenberger, S. & Rivest, R., (2005). Fighting Phishing Attacks:A Lightweight Trust Architecture fro Detecting Spoofed Emails. In DIMACS Wkshp on Theft in E-Commerce.
  2. Anti-Phishing Working Group (2007). Phishing Activity Trends Report. Available from www.antiphishing.org/ reports/apwg_report_april_2007.pdf
  3. Bridges, S. M. & Vaughn, R. B., (2001). Fuzzy data mining and genetic algorithms applied to intrusion detection. Department of Computer Science Mississippi State University, White Paper.
  4. Cendrowska, J., (1987). PRISM: An algorithm for inducing modular rules. International Journal of Man -Machine Studies, 27(4), 349-370.
  5. Ciesielski Vic & Lalani Anand (In press). Data mining of web access logs from an academic web site. In Proceedings of the third international conference on hybrid intelligent systems (HIS 78 03): Design and Application of Hybrid Intelligent Systems (pp. 1034- 1043). IOS Press.
  6. Dhamija, R. & Tygar, J. D., (2005). The battle against phishing: Dynamic security skins. In Proceeding s of the 2005 symposium on Usable Privacy and Security.
  7. Han, E. & Karypis, G., (2000). Centroid-based document classification: Analysis and experimental results. Principles of Data Mining and Knowledge Discovery, 424-431.
  8. FDIC (2004). Putting an end to account - hijacking identity theft. Available from http://www.fdic.gov/ consumers/consumer/idtheftstudy/identity_theft.pdf
  9. Herzberg, A. & Gbara, A., (2004). TrustBar: Protecting (even naive) web users from spoofing and phishing attacks. Draft of July, 11.
  10. Ho, C. Y., Ling, B. W. & Reiss, J. D., (2006). Fuzzy impulsive control of high-order interpolative low-pass sigma - delta modulators. IEEE Transactions on Circuits and Systems-I: Regular Papers, 53(10).
  11. James, L., (2006). Phishing exposed. Tech target article sponsored by: Sunbelt software.
  12. J. R. Quinlan (1996). Improved use of continuous attributes in c4.5. Journal of Artificial Intelligence Research, 4, 77-90.
  13. Liu, B., Hsu, W. & Ma, Y., (1998). Integrating classification and association rule mining. In Proceedings of the fourth international conference on knowledge discovery and data mining. KDD-98, Plenary Presentation. New York, USA
  14. Liu, M., Chen, D. & Wu, C., (2002). The continuity of Mamdani method. International Conference on Machine Learning and Cybernetics, 3, 1680-1682.
  15. Liu, W., Deng, X., Fu, A. Y., (2006). Detecting phishing web pages with visual similarity assessment based on earth mover's distance (EMD). IEEE Internet Computing, 3(4)(pp. 58-65).
  16. Liu, W., Deng, X., Huang, G. & Fu, A. Y., (2006). An antiphishing strategy based on visual similarity assessment, published by the IEEE computer society (pp. 58-65). Internet Computing IEEE.
  17. Liu, W., Huang, G., Liu, X., Zhang, M. & Deng, X., (2005). Phishing Web Page Detection. In Proceeding of eighth International conference on documents analysis and recognition (pp. 560-564).
  18. Misch, S., (2006). Content negotiation in Internet mail. Diploma thesis. University of Applied Sciences Cologne, Mat. No.: 7042524.
  19. Netcraft (2004). Available from http://toolbar.netcraft.com.
  20. Olsen, S., (2004). AOL tests caller ID for e-mail.
  21. Pan, Y. & Ding, X., (2006). Anomaly based web phishing page detection. In Proceedings of the 22nd annual computer security applications conference.
  22. Wu, M., Miller, R. C. & Garfinkel, S. L., (2006a). Do Security Toolbars Actually Prevent Phishing Attacks? In Proceedings of the SIGCHI Conference on Human Factors in Computing System.
  23. Wu, M., Miller, R. C. & Little, G., (2006b). Web wallet: Preventing phishing attacks by revealing user intentions. In Proceeding s of the Symposium on Usable Privacy and Security.
Download


Paper Citation


in Harvard Style

Cheng Y. and Li G. (2011). AN ANTI-PHISHING MODEL FOR ECOMMERCE UNDER A NETWORK ENVIRONMENT . In Proceedings of the 13th International Conference on Enterprise Information Systems - Volume 1: NMI, (ICEIS 2011) ISBN 978-989-8425-53-9, pages 400-404. DOI: 10.5220/0003569404000404


in Bibtex Style

@conference{nmi11,
author={Yifei Cheng and Gen Li},
title={AN ANTI-PHISHING MODEL FOR ECOMMERCE UNDER A NETWORK ENVIRONMENT},
booktitle={Proceedings of the 13th International Conference on Enterprise Information Systems - Volume 1: NMI, (ICEIS 2011)},
year={2011},
pages={400-404},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0003569404000404},
isbn={978-989-8425-53-9},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 13th International Conference on Enterprise Information Systems - Volume 1: NMI, (ICEIS 2011)
TI - AN ANTI-PHISHING MODEL FOR ECOMMERCE UNDER A NETWORK ENVIRONMENT
SN - 978-989-8425-53-9
AU - Cheng Y.
AU - Li G.
PY - 2011
SP - 400
EP - 404
DO - 10.5220/0003569404000404