Abstract
In Internet-of-Things enabled Cyber-Physical Human System (CPHS), the controller control the destination systems. The challenger or hacker can perform a number of attacks on this network to threaten the identity and vulnerability of the system, by consuming the networked resources. One of the issue that possesses threat on identities and user credentials is the phishing. The mechanisms for phishing detection in IoT based CPHS should be light-weight and not much complicated in order to meet the CPHS requirement. In CPHS, the credentials can be compromised from the user by showing very similar electronic pages or messages, and encouraging user to provide their secured financial data. These issues need to be resolved in order to get the right output and get all the functionalities to work properly. CPHS has mainly two major components, the first one is controller and second one is destination system. Commands are sent from the sensor to the destination via sensor nodes on the network and the destination system communicates with the controller about what actions to perform or how to deal with the information that controller has sent.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
T.N. Jagatic, N.A. Johnson, M. Jakobsson, F. Menczer, Social phishing. Commun ACM 50(10), 94–100 (2007)
P. Kumaraguru, Y. Rhee, S. Sheng, S. Hasan, A. Acquisti, L.F. Cranor, J. Hong, Teaching Johnny not to fall for phish. ACM Trans. Internet Technol. (TOIT) 10(2), 7:1–7:31 (2010)
I. Khalil, S. Bagchi, N. Shroff, Analysis and evaluation of Secos, a protocol for energy efficient and secure communication in sensor networks. Ad Hoc Netw. 5(3), 360–391 (2007)
G. Varshney, M. Misra, P.K. Atrey, A survey and classification of web phishing detection schemes. Secur. Commun. Netw. 9(18), 6266–6284 (2016)
J. Hong, The state of phishing attacks. Commun. ACM 55(1), 74–81 (2012)
K.L. Chiew, K.S.C. Yong, C.L. Tan, A survey of phishing attacks: their types, vectors and technical approaches. Expert Syst. Appl. 106, 1–20 (2018)
H. Huang, J. Tan, and L. Liu, Countermeasure techniques for deceptive phishing attack, in Proceedings of International Conference on New Trends in Information and Service Science, pp. 636–641 (2009)
B. Parmar, Protecting against spear-phishing. Comput. Fraud. Secur. 2012(1), 8–11 (2012)
C. Karlof, U. Shankar, J.D. Tygar, D. Wagner, Dynamic pharming attacks and locked same-origin policies for web browsers, in Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 58–71 (2007)
B.B. Gupta, N.A.G. Arachchilage, K.E. Psannis, Defending against phishing attacks: taxonomy of methods, current issues and future directions. Telecommun. Syst. 67(2), 247–267 (2018)
N. Chou, R. Ledesma, Y. Teraguchi, J.C. Mitchell, Client-side defense against web-based identity theft, in Proceedings of the Network and Distributed System Security Symposium, NDSS 2004, pp. 01–16 (2004)
T. Raffetseder, E. Kirda, C. Kruegel, Building anti-phishing browser plug-ins: an experience report, in Proceedings of the 3rd International Workshop on Software Engineering for Secure Systems, pp. 1–6 (2007)
A. Stone, Natural-language processing for intrusion detection. Computer 40(12), 103–105 (2007)
M. Sharifi, S.H. Siadati, A phishing sites blacklist generator, in 2008 IEEE/ACS International Conference on Computer Systems and Applications, pp. 840–843 (2008)
D.L. Cook, V.K. Gurbani, M. Daniluk, Phishwish: a simple and stateless phishing filter. Secur. Commun. Netw. 2(1), 29–43 (2008)
Y. Joshi, S. Saklikar, D. Das, S. Saha, PhishGuard: a browser plug-in for protection from phishing, in 2008 2nd International Conference on Internet Multimedia Services Architecture and Applications, pp. 1–6 (2008)
M. Hara, A. Yamada, Y. Miyake, Visual similarity-based phishing detection without victim site information, in IEEE Symposium on Computational Intelligence in Cyber Security, pp. 30–36 (2009)
C. Yue, H. Wang. BogusBiter: a transparent protection against phishing attacks. ACM Trans. Internet Technol. 10(2), 6:1–6:31 (2010)
P. Prakash, M. Kumar, R.R. Kompella, M. Gupta, PhishNet: predictive blacklisting to detect phishing attacks, in Proceedings IEEE INFOCOM, pp. 1 – 5 (2010)
A. Bergholz, J. De Beer, S. Glahn, M.-F. Moens, G. Paaß, S. Strobel, New filtering approaches for phishing email. J. Comput. Secur. 18(1), 7–35 (2010)
C. Whittaker, B. Ryner, M. Nazif, Large-scale automatic classification of phishing pages, in Proceedings of the Network and Distributed System Security Symposium, NDSS 2010, pp. 01–14 (2010)
G. Liu, B. Qiu, L. Wenyin, Automatic detection of phishing target from phishing webpage, in 20th International Conference on Pattern Recognition, pp. 4153–4156 (2010)
B. Wardman, T. Stallings, G. Warner, A. Skjellum, High-performance content-based phishing attack detection, in Proceedings of eCrime Researchers Summit, pp. 1–9 (2011)
S. Afroz, R. Greenstadt, PhishZoo: detecting phishing websites by looking at them, in 2011 IEEE 5th International Conference on Semantic Computing, pp. 368–375 (2011)
H. Kim, J.H. Huh, Detecting DNS-poisoning-based phishing attacks from their network performance characteristics. Electron. Lett. 47(11), 656–658 (2011)
H. Zhang, G. Liu, T.W.S. Chow, W. Liu, Textual and visual content-based anti-phishing: a bayesian approach. IEEE Trans. Neural Netw. 22(10), 1532–1546 (2011)
E.H. Chang, K.L. Chiew, S.N. Sze, W.K. Tiong, Phishing detection via identification of website identity, in 2013 International Conference on IT Convergence and Security (ICITCS), pp. 1–4 (2013)
T.-C. Chen, T. Stepan, S. Dick, J. Miller, An anti-phishing system employing diffused information. ACM Trans. Inf. Syst. Secur. 16(4), 16:1–16:31 (2014)
N.M. Shekokar, C. Shah, M. Mahajan, S. Rachh, An ideal approach for detection and prevention of phishing attacks. Procedia Comput. Sci. 49, 82–91 (2015); Proceedings of 4th International Conference on Advances in Computing, Communication and Control (ICAC3’15)
G. Ramesh, J. Gupta, P.G. Gamya, Identification of phishing webpages and its target domains by analyzing the feign relationship. J. Inf. Secur. Appl. 35, 75–84 (2017)
Y. Zhang, J.I. Hong, L.F. Cranor, Cantina: a content-based approach to detecting phishing web sites, in Proceedings of the 16th International Conference on World Wide Web, pp. 639–648 (2007)
E. Medvet, E. Kirda, C. Kruegel, Visual-similarity-based phishing detection, in Proceedings of the 4th International Conference on Security and Privacy in Communication Netowrks, pp. 22:1–22:6 (2008)
K.-T. Chen, J.-Y. Chen, C.-R. Huang, C.-S. Chen, Fighting phishing with discriminative keypoint features. IEEE Internet Comput. 13(3), 56–63 (2009)
A. Blum, B. Wardman, T. Solorio, G. Warner, Lexical feature based phishing url detection using online learning, in Proceedings of the 3rd ACM Workshop on Artificial Intelligence and Security, pp 54–60 (2010)
G. **ang, J. Hong, C.P. Rose, L. Cranor. CANTINA+: a feature-rich machine learning framework for detecting phishing web sites. ACM Trans. Inf. Syst. Secur. (TISSEC) 14(2), 21:1–21:28 (2011)
Y. Zhou, Y. Zhang, J. **ao, Y. Wang, W. Lin, Visual similarity based anti-phishing with the combination of local and global features, in 2014 IEEE 13th International Conference on Trust, Security and Privacy in Computing and Communications, pp 189–196 (2014)
C.L. Tan, K.L. Chiew, K. Wong, S.N. Sze, PhishWHO: phishing webpage detection via identity keywords extraction and target domain name finder. Decis. Support Syst. 88, 18–27 (2016)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Singapore Pte Ltd.
About this chapter
Cite this chapter
Mishra, A.K., Tripathy, A.K., Saraswathi, S., Das, M. (2020). Prevention of Phishing Attack in Internet-of-Things based Cyber-Physical Human System. In: Nanda, A., Chaurasia, N. (eds) High Performance Vision Intelligence. Studies in Computational Intelligence, vol 913. Springer, Singapore. https://doi.org/10.1007/978-981-15-6844-2_2
Download citation
DOI: https://doi.org/10.1007/978-981-15-6844-2_2
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-6843-5
Online ISBN: 978-981-15-6844-2
eBook Packages: EngineeringEngineering (R0)