A quantitative approach to estimate a website security risk using whitelist
- Authors
- Kim, Young-Gab; Lee, Minsoo; Cho, Sanghyun; Cha, Sungdeok
- Issue Date
- 10월-2012
- Publisher
- WILEY-HINDAWI
- Keywords
- phishing; pharming; website security risk; website blacklist; website whitelist; risk analysis
- Citation
- SECURITY AND COMMUNICATION NETWORKS, v.5, no.10, pp.1181 - 1192
- Indexed
- SCIE
SCOPUS
- Journal Title
- SECURITY AND COMMUNICATION NETWORKS
- Volume
- 5
- Number
- 10
- Start Page
- 1181
- End Page
- 1192
- URI
- https://scholar.korea.ac.kr/handle/2021.sw.korea/107287
- DOI
- 10.1002/sec.420
- ISSN
- 1939-0114
- Abstract
- Despite much research on defense against phishing attacks, incidents continue to occur where sensitive (e.g., personal or financial) information is stolen using social engineering and technical spoofing techniques. Most approaches use the notions of blacklists versus whitelists (WWLs), and it is difficult to quantify the degree of a website's vulnerability against phishing attacks. In this paper, we present a quantitative approach for evaluating the phishing possibility of a given website using the refined security risk elements for domain and web page. Design and implementation of the website risk assessment system for antiphishing are also included. It can detect suspicious websites containing phishing attack and abnormal behavior and generates a warning if website is judged untrustworthy. Copyright (c) 2012 John Wiley & Sons, Ltd.
- Files in This Item
- There are no files associated with this item.
- Appears in
Collections - Graduate School > Department of Computer Science and Engineering > 1. Journal Articles
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.