PHISHING ATTACKS IN NETWORK SECURITY

In the last few decades, phishing attacks have grown rapidly and now pose an enormous threat to worldwide Internet security. Phishing is today one of the most common and serious threats on the Internet: attackers try to steal users' personal information, particularly about their financial assets, using malware and social engineering. A typical phishing attack uses electronic messaging such as email, or provides links that appear to point to legitimate sites but in fact lead to malicious sites controlled by the attackers. Detecting phishing attacks with high accuracy is crucial and has been a subject of great interest. Many detection techniques designed specifically to detect phishing with high accuracy have recently been introduced. This report discusses phishing attacks together with some of the techniques proposed in the literature.

Various phishing campaigns have been studied in the research literature; their purpose is to exploit vulnerabilities in systems, which may arise from user unawareness or from technical deficiencies. Studies have shown that one-third of the phishing attacks attempted in 2013 targeted bank accounts [3].
The techniques and methods used for phishing evolve constantly. Attackers rapidly gain knowledge of computer communication and become familiar with the target system, its protocols and its procedures. They design new methods for bypassing security loopholes and evading detection, which leads to an increase in successful attacks [4].
Phishing is no longer only a technical problem. It is also a social engineering problem, aimed at exploiting vulnerabilities in the overall system. This report is divided into sections as follows: section 1 covers techniques and defenses, with section 1.1 on phishing techniques and section 1.2 on defenses; section 2 discusses open issues and challenges; section 3 reports detection techniques from the literature; section 4 is the conclusion.

Problem Description:
Phishing is based on attackers presenting themselves as someone else and, by exploiting human trust relationships, trying to uncover personal information. Phishing is mainly classified into two categories: social engineering and malware-based phishing attacks.

Social Engineering:
Social engineering is a type of phishing that intends to obtain the victim's identity or other confidential data through spoofed or fake emails. Its motive is similar to that of hacking, i.e., to gain illegal access to a system, steal confidential information about an organization, intrude into a network, etc.
Mostly the targets are big companies, government agencies or the military [5]. There are two levels of social engineering attack: physical social engineering attacks and psychological ones [6].

Website Phishing:
Website phishing is a psychological attack aimed at targeting a specific person rather than a system. Website attacks are easy to carry out because designing a duplicate copy of any legitimate website is very easy for attackers [7]. The main purpose is to defraud people in order to obtain their personal and financial information.

Email Phishing:
Email phishing is the first step towards launching phishing websites: the attacker sends a huge number of false emails. These emails contain a link, and when the user clicks it, all of the user's credentials are passed to the attacker by the phishing server. The phisher then uses the victim's credentials illegally.

Malware-Based Phishing:
Some software is designed to contain malicious content that is installed on the victim's system when he or she installs the software. Sometimes users are tricked into downloading supposed antivirus software that is actually a virus or malware itself [8]. Malware takes advantage of holes in the operating system or in a browser.

Key and screen loggers:
A key logger is also a severe threat to servers and systems, as people are unable to detect its existence, and screen-recording software makes the situation even worse when combined with key logging. Key loggers are categorized into two types: hardware key loggers and software key loggers [9].

Hijacking Sessions:
Session hijacking is executed either at the application level or at the network layer. At the application level, session hijacking involves interfering with HTTP; at the network level, the interference is done at the TCP and UDP level.

Defenses:
The difficulty of handling phishing is certain, but it needs to be tackled using technological advances as well as user education. The basic objective of phishing is to take personal or confidential data from victims. This section of the report discusses the various approaches to detecting phishing and malicious websites. The different protection mechanisms against phishing are classified as follows.
- User education: user education means spreading knowledge about phishing among Internet users. This approach provides information about the risk of phishing attacks and methods of preventing them [11].
- Software-based defense approaches: protection at the network level is an approach in which a certain range of IP addresses or certain domains are not allowed to enter the network [12].
- Authentication-based mechanisms: in this approach, the message is verified as to whether it was sent by a valid

Detection:
The victims of phishing mostly do not know that they are under attack by phishers. The first phase is to detect the phishing attack. In this section, two approaches to phishing detection are discussed.

Human Detection:
Not every person is the same, and likewise not all users of technology are the same in nature. Some users are more familiar with security problems and tend to think longer before clicking any dubious link. Others do not think about security at all while browsing. Unless there is a training process at work, most users are not familiar with the risk of phishing. Setting common operational procedures, sharing knowledge and double-checking processes may reduce the problem within organizations.
[15] gives an overview of phishing education; the paper's main focus is on context-aware attacks, and it presents a strategy for educating consumers by combining phishing IQ tests with class discussions. Much of the time, however, class discussions and training bring no benefit to potential victims. The researchers conducted a large-scale experiment that tracked workers' responses to a sequence of carefully designed phishing emails and awareness activities. Other approaches are introduced in [16], where an online game was designed that teaches consumers habits for avoiding phishing attacks. The design was based on learning-science principles. The study showed that those who played the game were able to identify fraudulent websites. Another study shows that phishing is becoming more effective, and that the use of login-themed phishing emails makes them less likely to be doubted.
Hale et al. [17] examined another game-based approach that tries to combine learning strategies, bringing together the realism of in-the-wild approaches with the training features of testing. This work proposes a three-stage analysis to test the approach on a customized cyber-phishing simulation platform.

Machine Detection:
To detect any traditional or spear phishing, identifying the phishing email is the most important step. Different approaches have been developed to improve the identification of phishing emails. In [17] the authors discuss effective feature selection from the existing proposed features by evaluating various feature selection methods. The system they developed showed high accuracy while depending on a relatively small number of classifiers. In [18] the authors present a two-dimensional approach to detecting phishing emails; the proposed architecture is called PhishSnag.
The authors claim a detection rate of 93 percent with around 0.5 percent false positives, or more than 99 percent with a higher level of false positives. Their design rests on the observation that, unlike ordinary messages, which convey information passively, phishing messages actively try to mislead the recipient. Two algorithms, Adaline and Backpropagation, are introduced in [19]; they work alongside a support vector machine to improve the detection rate and classification of phishing attacks. Both algorithms have a detection rate of over 99 percent. Another detection and classification system identifies suspicious pages based on the literal and conceptual consistency between the URL and the web content. PhishStorm [20] is an automated phishing detection system that can be used to analyse any URL in real time in order to identify potential phishing sites; the approach achieves 98% accuracy. MobiFish, a novel automated lightweight anti-phishing scheme for mobile platforms, verifies the validity of web pages and applications (apps) by comparing their actual identity with the identity claimed by the web pages and apps [21]. MobiFish consists of two applications: WebFish for checking web pages and AppFish for checking apps. In testing, WebFish detected 100% of the pages checked. In another study the authors use the EMCUD (Extended Embedded Meaning Capturing and Uncertainty Deciding) technique to build up knowledge of phishing attacks according to the identification of phishing characteristics [22]. In [23] a framework for client-side protection of banking sites is proposed. The framework relies on the site's structure and features (i.e. bank name, branch name, base URL, address), represented in RDF format, to decide on its legitimacy. These frameworks can then be tested using a central database maintained by the relevant government.
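The URL-based detectors surveyed above (PhishStorm and the URL/content consistency check) rely on lexical features of the URL string. The following is an added example, not code from any of the cited systems: it extracts such features and combines them into a simple heuristic score. The brand token list, the weights and the threshold are assumptions chosen for illustration, and the sample URLs are constructed from reserved names.

```python
"""Lexical URL features used by URL-based phishing detectors (added example, not
code from the surveyed systems; brand list, weights, threshold are assumptions)."""
import ipaddress
from urllib.parse import urlsplit

# Assumed brand tokens that lookalike hostnames commonly embed in subdomains.
BRAND_TOKENS = ("paypal", "examplebank", "microsoft")
SUSPICIOUS_PATH_WORDS = ("login", "signin", "verify", "update", "secure", "account")
# Assumed weights: structural tricks (IP host, '@', brand lookalike) weigh most.
WEIGHTS = {"ip_host": 3, "at_sign": 3, "brand_in_subdomain": 3, "odd_port": 2,
           "many_labels": 1, "hyphen_host": 1, "suspicious_path": 1,
           "no_tls": 1, "long_url": 1}

def url_features(url: str) -> dict:
    """Derive lexical features from the URL string alone (no network access)."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    labels = host.split(".") if host else []
    # Registered domain approximated as the last two labels; without a public
    # suffix list this assumption is wrong for e.g. co.uk domains.
    registered = ".".join(labels[-2:]) if len(labels) >= 2 else host
    try:
        ipaddress.ip_address(host)
        ip_host = True
    except ValueError:
        ip_host = False
    subdomain = ".".join(labels[:-2])
    path = (parts.path + "?" + parts.query).lower()
    return {
        "registered_domain": registered,
        "ip_host": ip_host,
        "at_sign": "@" in parts.netloc,  # user@host trick hides the real host
        "no_tls": parts.scheme != "https",
        "odd_port": parts.port not in (None, 80, 443),
        "many_labels": len(labels) > 3,
        "hyphen_host": "-" in host,
        "brand_in_subdomain": any(b in subdomain for b in BRAND_TOKENS),
        "suspicious_path": any(w in path for w in SUSPICIOUS_PATH_WORDS),
        "long_url": len(url) > 75,
    }

def phish_score(url: str) -> int:
    """Sum the weights of the features that fire for this URL."""
    feats = url_features(url)
    return sum(w for name, w in WEIGHTS.items() if feats[name])

def is_suspicious(url: str, threshold: int = 4) -> bool:
    """Flag the URL when its heuristic score reaches the assumed threshold."""
    return phish_score(url) >= threshold
```

In the surveyed systems a feature vector like this is fed to a trained classifier (e.g. the support vector machine of [19]) rather than to fixed weights; the fixed weights here only make the scoring readable.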

Conclusion:
Phishing can never be completely eliminated. However, the risk and threat can be reduced with the help of cooperating users, corporate safeguards and server-side measures. Educating users is always both the strongest and the weakest link in countering phishing. Organizations also play a vital role in controlling phishing attacks.