TY - GEN
T1 - Deep Dive into Client-Side Anti-Phishing
T2 - 19th ACM Asia Conference on Computer and Communications Security, AsiaCCS 2024
AU - Pourmohamad, Rana
AU - Wirsz, Steven
AU - Oest, Adam
AU - Bao, Tiffany
AU - Shoshitaishvili, Yan
AU - Wang, Fish
AU - Doupé, Adam
AU - Bazzi, Rida A.
N1 - Publisher Copyright:
© 2024 Copyright held by the owner/author(s).
PY - 2024/7/1
Y1 - 2024/7/1
N2 - Client-side anti-phishing methods are crucial for safeguarding individuals against phishing attacks, offering a proactive approach beyond traditional blocklisting strategies. This study expands the scope to include a comprehensive evaluation of client-side anti-phishing techniques within the Chrome browser, alongside an in-depth analysis of academic research in the field of phishing over the past five years. Our findings highlight the inherent limitations of current client-side anti-phishing measures, which demonstrated a detection rate of only 14% for phishing websites and blocked merely 10% of login-based phishing sites within the first hour, resulting in a substantial false negative rate. Additionally, our analysis reveals that attackers can readily circumvent these defenses by altering the content of phishing websites. The study also critically assesses recent academic contributions to understand their alignment and potential integration with client-side anti-phishing frameworks. Based on these insights, we propose targeted recommendations to enhance the efficacy and responsiveness of the client-side anti-phishing ecosystem, addressing the challenges of low detection coverage, slow response times, and high rates of false negatives.
AB - Client-side anti-phishing methods are crucial for safeguarding individuals against phishing attacks, offering a proactive approach beyond traditional blocklisting strategies. This study expands the scope to include a comprehensive evaluation of client-side anti-phishing techniques within the Chrome browser, alongside an in-depth analysis of academic research in the field of phishing over the past five years. Our findings highlight the inherent limitations of current client-side anti-phishing measures, which demonstrated a detection rate of only 14% for phishing websites and blocked merely 10% of login-based phishing sites within the first hour, resulting in a substantial false negative rate. Additionally, our analysis reveals that attackers can readily circumvent these defenses by altering the content of phishing websites. The study also critically assesses recent academic contributions to understand their alignment and potential integration with client-side anti-phishing frameworks. Based on these insights, we propose targeted recommendations to enhance the efficacy and responsiveness of the client-side anti-phishing ecosystem, addressing the challenges of low detection coverage, slow response times, and high rates of false negatives.
KW - Blocklist
KW - Client-side Anti-Phishing
KW - Google SafeBrowsing
UR - http://www.scopus.com/inward/record.url?scp=85199256980&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85199256980&partnerID=8YFLogxK
U2 - 10.1145/3634737.3657027
DO - 10.1145/3634737.3657027
M3 - Conference contribution
AN - SCOPUS:85199256980
T3 - ACM AsiaCCS 2024 - Proceedings of the 19th ACM Asia Conference on Computer and Communications Security
SP - 638
EP - 653
BT - ACM AsiaCCS 2024 - Proceedings of the 19th ACM Asia Conference on Computer and Communications Security
PB - Association for Computing Machinery, Inc
Y2 - 1 July 2024 through 5 July 2024
ER -