| Since the coming of network information era, people becoming more and morerely on network to deal with their daily activities, such as work, shopping, study andentertainments. Mobile phone, which is famous as its conveniences, has becoming moreand more popular that helps people access internet. Since this, the hidden securitydanger along with network is transforming to a new platform which is the so calledmobile platform. Among all of the security risks, network fishing attack is considered asone of the most dangerous way of online transactions, the reason that could happen isthat mobile gadget provides the channel of stealing personal information.The main purpose of this paper is to raise a resolution that can reduce the chancethat user being attacked by network fishing and finally make a plan of this scheme tomake it realized. The Theoretical basis of the scheme is the summery of main streamanti-fishing schemes and technology nowadays. In the end of this paper, we got alightweight mobile platform fishing reorganization application which is based on theC/S structure, by using it, mobile users can be protected from fishing attack, such thattheir sensitive personal information is more guaranteed. The main work of this papercan be concluded as follows:1. We realized a multi-level fishing recognition evaluation engine based on thesummery of main stream anti-fishing schemes and technology nowadays. This enginestudy from the advantages of traditional anti-fishing system and its multi-levelevaluation method to enhance the accuracy of anti-fishing detection system. Themodules of multi-level evaluation can be divided into black or white list filter module,URL characteristics identification module based on logistic regression method, LSHhash algorithm based on sensitive positions of page characteristics identification module,as well as the overall rating module2. Through the study of recent anti-fishing system evaluation steps, we found thatthere exists a class of url which can’t be detected by this evaluation due to the reasonthat they consists the hidden features that they had been hacked. More specifically,thisclass of url in most cases attach on trusted website domain thus traditional phishing detection processes fail to filter such phishing sites referring to whitelist, whichbecomes “missed arrested fish”. In view of this situation, in order to reduce the rate ofindistinguishability, this paper raises a new anti-phishing detection process whichfocusing on the indistinguishability of the class of url consisting hidden hackingfeatures. At the same time, we draw on the advantages of the multi-factor evaluationphishing website of the traditional anti-phishing system to realize the aim thatenhancing the accuracy of the anti-phishing detection system.3. Considering of the feature of mobile platform itself, we design and realized aanti-fishing system which is based on the C/S structure. With the lightweight client, weavoid the truth that there are limited resources on the mobile platform; Using the serveron PC side, we achieve the technology that a fine capability classified anti-fishingengine on the basis of existing mature fishing detection technology. |
PDF Full Text Request