针对网络钓鱼攻击的各种防御机制的最新调查

IF 0.5 Q4 COMPUTER SCIENCE, SOFTWARE ENGINEERING International Journal of Information Security and Privacy Pub Date : 2016-01-02 DOI:10.1080/15536548.2016.1139423

A. Tewari, A. Jain, B. Gupta

{"title":"针对网络钓鱼攻击的各种防御机制的最新调查","authors":"A. Tewari, A. Jain, B. Gupta","doi":"10.1080/15536548.2016.1139423","DOIUrl":null,"url":null,"abstract":"ABSTRACT In the recent years, the phishing attack has become one of the most serious threats faced by Internet users, organizations, and service providers. In a phishing attack, the attacker tries to defraud Internet users and steal their personal information either by using spoofed emails or by using fake websites or both. Several approaches have been proposed in the literature for the detection and filtering of phishing attacks; however, the Internet community is still looking for a complete solution to secure the Internet from these attacks. This article discusses recent developments and protection mechanisms (i.e., detection and filtering) against a variety of phishing attacks (e.g., email phishing, website phishing, zero-day attacks). In addition, the strengths and weaknesses of these approaches is discussed. This article provides a better understanding of the phishing attack problem in the current solution space and also addresses the scope of future research to deal with such attacks efficiently.","PeriodicalId":44332,"journal":{"name":"International Journal of Information Security and Privacy","volume":"33 1","pages":"13 - 3"},"PeriodicalIF":0.5000,"publicationDate":"2016-01-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"33","resultStr":"{\"title\":\"Recent survey of various defense mechanisms against phishing attacks\",\"authors\":\"A. Tewari, A. Jain, B. Gupta\",\"doi\":\"10.1080/15536548.2016.1139423\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"ABSTRACT In the recent years, the phishing attack has become one of the most serious threats faced by Internet users, organizations, and service providers. In a phishing attack, the attacker tries to defraud Internet users and steal their personal information either by using spoofed emails or by using fake websites or both. Several approaches have been proposed in the literature for the detection and filtering of phishing attacks; however, the Internet community is still looking for a complete solution to secure the Internet from these attacks. This article discusses recent developments and protection mechanisms (i.e., detection and filtering) against a variety of phishing attacks (e.g., email phishing, website phishing, zero-day attacks). In addition, the strengths and weaknesses of these approaches is discussed. This article provides a better understanding of the phishing attack problem in the current solution space and also addresses the scope of future research to deal with such attacks efficiently.\",\"PeriodicalId\":44332,\"journal\":{\"name\":\"International Journal of Information Security and Privacy\",\"volume\":\"33 1\",\"pages\":\"13 - 3\"},\"PeriodicalIF\":0.5000,\"publicationDate\":\"2016-01-02\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"33\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Journal of Information Security and Privacy\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1080/15536548.2016.1139423\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q4\",\"JCRName\":\"COMPUTER SCIENCE, SOFTWARE ENGINEERING\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Information Security and Privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1080/15536548.2016.1139423","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, SOFTWARE ENGINEERING","Score":null,"Total":0}

引用次数: 33

摘要

近年来，网络钓鱼攻击已经成为互联网用户、组织和服务提供商面临的最严重的威胁之一。在网络钓鱼攻击中，攻击者试图通过欺骗电子邮件或使用虚假网站或两者兼而有之来欺骗互联网用户并窃取他们的个人信息。文献中提出了几种检测和过滤网络钓鱼攻击的方法;然而，互联网社区仍在寻找一个完整的解决方案，以确保互联网免受这些攻击。本文讨论了针对各种网络钓鱼攻击(如电子邮件网络钓鱼、网站网络钓鱼、零日攻击)的最新发展和保护机制(即检测和过滤)。此外，还讨论了这些方法的优缺点。本文提供了对当前解决方案空间中的网络钓鱼攻击问题的更好理解，并讨论了有效处理此类攻击的未来研究范围。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

Recent survey of various defense mechanisms against phishing attacks

ABSTRACT In the recent years, the phishing attack has become one of the most serious threats faced by Internet users, organizations, and service providers. In a phishing attack, the attacker tries to defraud Internet users and steal their personal information either by using spoofed emails or by using fake websites or both. Several approaches have been proposed in the literature for the detection and filtering of phishing attacks; however, the Internet community is still looking for a complete solution to secure the Internet from these attacks. This article discusses recent developments and protection mechanisms (i.e., detection and filtering) against a variety of phishing attacks (e.g., email phishing, website phishing, zero-day attacks). In addition, the strengths and weaknesses of these approaches is discussed. This article provides a better understanding of the phishing attack problem in the current solution space and also addresses the scope of future research to deal with such attacks efficiently.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

International Journal of Information Security and Privacy COMPUTER SCIENCE, SOFTWARE ENGINEERING-

CiteScore

2.50

自引率

0.00%

发文量

期刊介绍： As information technology and the Internet become more and more ubiquitous and pervasive in our daily lives, there is an essential need for a more thorough understanding of information security and privacy issues and concerns. The International Journal of Information Security and Privacy (IJISP) creates and fosters a forum where research in the theory and practice of information security and privacy is advanced. IJISP publishes high quality papers dealing with a wide range of issues, ranging from technical, legal, regulatory, organizational, managerial, cultural, ethical and human aspects of information security and privacy, through a balanced mix of theoretical and empirical research articles, case studies, book reviews, tutorials, and editorials. This journal encourages submission of manuscripts that present research frameworks, methods, methodologies, theory development and validation, case studies, simulation results and analysis, technological architectures, infrastructure issues in design, and implementation and maintenance of secure and privacy preserving initiatives.

期刊最新文献

Adaptive Personalized Randomized Response Method Based on Local Differential Privacy A Novel CNN-LSTM Fusion-Based Intrusion Detection Method for Industrial Internet A System Dynamics Approach to Evaluate Advanced Persistent Threat Vectors Trust and Voice Biometrics Authentication for Internet of Things “Every Dog Has His Day”