Lee et al., 2024 - Google Patents
Beneath the phishing scripts: A script-level analysis of phishing kits and their impact on real-world phishing websitesLee et al., 2024
- Document ID
- 15198158768240648393
- Author
- Lee W
- Hur J
- Kim D
- Publication year
- Publication venue
- Proceedings of the 19th ACM Asia Conference on Computer and Communications Security
External Links
Snippet
Phishing kits have become increasingly popular among cybercriminals because they offer an easy-to-use and efficient way for phishing attackers to build phishing websites. Prior work on phishing kits has focused on analyzing specific behavioral features (eg, evasion …
- 238000004458 analytical method 0 title abstract description 12
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30861—Retrieval from the Internet, e.g. browsers
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
- G06F11/34—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation; Recording or statistical evaluation of user activity, e.g. usability assessment
- G06F11/3409—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation; Recording or statistical evaluation of user activity, e.g. usability assessment for performance assessment
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2201/00—Indexing scheme relating to error detection, to error correction, and to monitoring
- G06F2201/875—Monitoring of systems including the internet
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Zhang et al. | Crawlphish: Large-scale analysis of client-side cloaking techniques in phishing | |
| US11483343B2 (en) | Phishing detection system and method of use | |
| Goel et al. | Mobile phishing attacks and defence mechanisms: State of art and open research challenges | |
| Maroofi et al. | COMAR: classification of compromised versus maliciously registered domains | |
| US9942250B2 (en) | Network appliance for dynamic protection from risky network activities | |
| Amrutkar et al. | Detecting mobile malicious webpages in real time | |
| US20110191849A1 (en) | System and method for risk rating and detecting redirection activities | |
| Akiyama et al. | HoneyCirculator: distributing credential honeytoken for introspection of web-based attack cycle | |
| Maroofi et al. | Are you human? resilience of phishing detection to evasion techniques based on human verification | |
| Bhardwaj et al. | Privacy-aware detection framework to mitigate new-age phishing attacks | |
| Gupta et al. | Exploitation of cross-site scripting (XSS) vulnerability on real world web applications and its defense | |
| Yoon et al. | Doppelgängers on the dark web: A large-scale assessment on phishing hidden web services | |
| Sanchez-Rola et al. | Dirty clicks: A study of the usability and security implications of click-related behaviors on the web | |
| Goenka et al. | A comprehensive survey of phishing: Mediums, intended targets, attack and defence techniques and a novel taxonomy | |
| Liao et al. | Lurking malice in the cloud: Understanding and detecting cloud repository as a malicious service | |
| Stivala et al. | Deceptive previews: A study of the link preview trustworthiness in social platforms | |
| Akiyama et al. | Active credential leakage for observing web-based attack cycle | |
| Chaudhary et al. | Plague of cross-site scripting on web applications: a review, taxonomy and challenges | |
| Tharani et al. | Understanding phishers' strategies of mimicking uniform resource locators to leverage phishing attacks: A machine learning approach | |
| Gupta et al. | Robust injection point-based framework for modern applications against XSS vulnerabilities in online social networks | |
| Shahriar et al. | PhishTester: automatic testing of phishing attacks | |
| Canfora et al. | A set of features to detect web security threats | |
| Rahman et al. | Classification of spamming attacks to blogging websites and their security techniques | |
| Lee et al. | Beneath the phishing scripts: A script-level analysis of phishing kits and their impact on real-world phishing websites | |
| Liao et al. | Cloud repository as a malicious service: challenge, identification and implication |