50120130405019.pdf

Publish in

Articles & News Stories

42 views

Please download to get full document.

View again

of 7
All materials on our website are shared by users. If you have any questions about copyright issues, please report us to resolve them. We are always happy to assist you.
Share
Description
The growth of the Internet has allowed users to manage their personal finances and expenditure online. E-commerce and online banking has made life easier. The increase in an online service offered to consumers has naturally led to an increase in the exchange of personal information to access such services. With the popularity of E-commerce websites various online attacks has been increased one of them is phishing attack. Phishing is a fraudulent activity designed to steal your valuable personal data such as passwords, username, credit card numbers, account number etc. by behaving as a trustworthy entity in an electronic communication. Popular social web sites, bank, online commerce site or auction sites are commonly used to lure the unsuspecting public. Phishing emails may contain links that redirects the user to a fake website whose look and feel are almost identical to the legitimate one. In this paper we have presented a new approach for detection of phishing E-commerce websites. Phishing websites are crafted to closely mimic look and feel of legitimate sites.
Tags
Transcript
  International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print),ISSN 0976 - 6375(Online), Volume 4, Issue 5, September - October (2013), © IAEME   165   DETECTION OF PHISHING E-COMMERCE WEBSITES USING VISUALCRYPTOGRAPHY  ULKA M. BANSODE 1 , Prof. GAURI R. RAO 2 , Dr. S. H. PATIL 3   1 Department of Computer Engineering, Bharati Vidyapeeth Deemed University, College of Engineering, Pune, Maharashtra, India. 2 Associate Professor, Department of Computer Engineering, Bharati Vidyapeeth Deemed University,College of Engineering, Pune, Maharashtra, India. 3 Head of Department, Department of Computer Engineering, Bharati Vidyapeeth DeemedUniversity, College of Engineering, Pune, Maharashtra, India ABSTRACT The growth of the Internet has allowed users to manage their personal finances andexpenditure online. E-commerce and online banking has made life easier. The increase in an onlineservice offered to consumers has naturally led to an increase in the exchange of personal informationto access such services. With the popularity of E-commerce websites various online attacks has beenincreased one of them is phishing attack. Phishing is a fraudulent activity designed to steal yourvaluable personal data such as passwords, username, credit card numbers, account number etc. bybehaving as a trustworthy entity in an electronic communication. Popular social web sites, bank,online commerce site or auction sites are commonly used to lure the unsuspecting public. Phishingemails may contain links that redirects the user to a fake website whose look and feel are almostidentical to the legitimate one. In this paper we have presented a new approach for detection of phishing E-commerce websites. Phishing websites are crafted to closely mimic look and feel of legitimate sites. Keywords: Image shares, Phishing, Visual Cryptography. 1.   INTRODUCTION Now a day’s Online Transactions are very common and there are various attacks presentbehind this. One among them is the phishing attack. Phishing has become one of the major issue inrecent times. This attack will not hack any server or the website; it just creates duplicate copy of thewebsite and tries to communicate to the user. The major reason for concern in the fact that phishingactivity directly hit at us as it aims at securing our personal and sensitive information. This personal   INTERNATIONAL JOURNAL OF COMPUTER ENGINEERING &TECHNOLOGY (IJCET)   ISSN 0976 – 6367(Print)   ISSN 0976 – 6375(Online)Volume 4, Issue 5, September – October (2013), pp. 165-171   © IAEME: www.iaeme.com/ijcet.asp   Journal Impact Factor (2013): 6.1302 (Calculated by GISI) www.jifactor.com     IJCET © I A E M E  International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print),ISSN 0976 - 6375(Online), Volume 4, Issue 5, September - October (2013), © IAEME   166   information can be used for the purpose of committing financial fraud, has become a criminalactivity on the Internet.Criminals targeting user information are able to profit from the increased adoption of onlineservices for many day to day activities including banking, shopping and leisure activities. Manytimes the sites that closely mimic look and feel of legitimate sites are crafted and promoted on theInternet. As these sites looks like legitimate site, user can login into that site through whichintruder/attacker can get the sensitive information like- Username, Bank account numbers,Password etc. Some of the Examples of Phishing Scams are ã   Many times the sites that closely mimic look and feel of legitimate sites are crafted andpromoted on the Internet. As these sites looks like legitimate sites, user logs in into those sitesthrough which his/her sensitive information like bank details, name or other personalinformation can be stealed. ã   Sending the fake e-mail message to the bank user’s, as if the database of the bank has beencrashed due to some technical reasons, so they request you for updation of the personalinformation. ã   Sending e-mail message to the user’s as if they won the prize and to deposit the amount theyare requested to send the personal information and bank account numbers.So to prevent against phishing attack it is very important to make sure that whether the siteyou are visiting, gets open from right or truthful source or not? Whether it is asking you to sendpersonal information and bank details again and again?Thus making it easier to detect phishing websites and protect against phishing attack we areintroducing a new method which can be used as a safe way against phishing which is named as“Detection of Phishing E-commerce websites using Visual Cryptography”.In this approach the identity of the website is verified which proves that whether it is agenuine website or not to use E-commerce, online booking system and bank transactions etc.The concept of Visual Cryptography is used. Visual Cryptography is a secure method that encryptsan image by breaking it into shares. 2.   BACKGROUND Various types of attacks present on the Internet. One of the major attack is phishing attack which consists of sending electronic mail or other form of communications to group of people askingfor their personal information like usernames and passwords.Attackers create the websites that closely look like authorized websites and promotes thosewebsites on Internet. When user login through those websites they are actually redirected tophisher’s database where attacker can get personal information of user like password, accountdetails, username etc. Fig. 1: Phishing Attack  Actual Website Phishing WebsiteUserPhishing Attack Originalcommunication  International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print),ISSN 0976 - 6375(Online), Volume 4, Issue 5, September - October (2013), © IAEME   167   3.   RELATED WORK The DNS Based Anti-phishing approach [2] includes blacklist, heuristic detection and pagesimilarity assessment. The commonly used anti-phishing approach by browser is blacklist which isDNS based anti-phishing approach technique.Netscape browser 8.1 and Internet Explorer7 and Google Safe browsing are importantbrowsers which use blacklist to protect users when they are navigating through phishing sites.The estimation of whether the page has some phishing heuristic characteristics is done in theHeuristic based anti-phishing technique. [3]For example spoof guard toolbar include heuristic characteristics like checking againstpreviously seen images, host name and checking URL for common spoofing techniques.Automated Challenge Response Method [4] is an authentication mechanism, which includesgeneration module from server. This module then interacts with Challenge-Response interface inclient and request for response from user which in turn calls the get response application installed inthe client machine. Once the challenge response is validated, user credentials are demanded fromclient and are validated by server to proceed the transaction.Cryptography is the best known technique to protect data. It is an art of protectinginformation by sending and receiving encrypted messages that can be decrypted by sender orreceiver.Naor and Shamir were introduced Visual Cryptography schemes [5] is a secure way to allowthe secret sharing of images without any cryptographic computation.A Segment Based Visual Cryptography suggested by Borchert [6] can encrypt only theamount, numbers like bank account number and messages containing symbols.Visual Cryptography for Print and Scan Application [7] suggested by W-Q Yan, D. Jin canbe applied for printed text and images only. 4.   VISUAL CRYPTOGRAPHY Visual cryptography is a popular solution for image encryption. Visual cryptography is acryptographic technique which allows visual information (e.g. printed text, pictures) to be encryptedin such a way that the decryption can be performed without complex algorithm and without the aidof computers. It uses the human visual system to identify secrete image generated by stacking theshares together.Following are the Visual Cryptography Schemes: 1.   (n, n) visual cryptography: The (n, n) visual cryptography generates n (n ≥ 2) number of shares and for getting back the secreteinformation all shares are needed to be stacked together. 2.   (2, 2) visual cryptography: The (2, 2) visual cryptographic scheme generates 2 shares and the secret information will beregenerated after stacking these two shares.  3.   (k, n) visual cryptography: The (k, n) visual cryptographic scheme generates n (n ≥ 2) number of shares and for regeneration of secrete information at least any k (2 ≤ k  ≤ n) shares are needed.In this approach we have used (2, 2) VCS, each pixel P in the image is encrypted into two subpixels called shares. The following figure denotes the shares for a white and black pixel. Here choiceof shares for black and white pixel is randomly determined. When these two shares are stacked, thevalue of the srcinal pixel P can be determined.  International Journal of ComputerISSN 0976 - 6375(Online), Volume Fig 2: 2  5.   SYSTEM ARCHITECTURE6.   ALGORITHM Step 1. User will login and select a rStep 2. Perform cryptography and cStep 3. Encrypt one of the shares anStep 4. Compare server under test wStep 5. If server under test is regishare to client and go to step 7, elseStep 6. If server under test is not a rto client. Engineering and Technology (IJCET), ISSN, Issue 5, September - October (2013), © IAE 168   -out-2 Visual Cryptography Scheme Fig. 3: System Architecture   andom image.nvert the image into shares.send to trusted server through server under tesith list of registered servers.tered server, then perform decryptography ango to Step 6.egistered server, then trusted server will send a 976-6367(Print),E   t.send decryptedny garbage share

Previous Document

Brant.pdf

We Need Your Support
Thank you for visiting our website and your interest in our free products and services. We are nonprofit website to share and download documents. To the running of this website, we need your help to support us.

Thanks to everyone for your continued support.

No, Thanks
SAVE OUR EARTH

We need your sign to support Project to invent "SMART AND CONTROLLABLE REFLECTIVE BALLOONS" to cover the Sun and Save Our Earth.

More details...

Sign Now!

We are very appreciated for your Prompt Action!

x