TORPEDO: TOoltip-poweRed Phishing Email DetectiOn

Abstract : We propose a concept called TORPEDO to improve phish detection by providing just-in-time and just-in-place trustworthy tooltips to help people judge links embedded in emails. TORPEDO’s tooltips contain the actual URL with the domain highlighted and delay link activation for a short period, giving the person time to inspect the URL before they click. Furthermore, TORPEDO consists of an information diagram to explain phish detection. We evaluated TORPEDO in particular with respect to its effectiveness: Compared to the worst case ‘status bar’. as used in Thunderbird and Web email clients. TORPEDO performed significantly better in detecting phishes and identifying legitimate emails (85.17 % versus 43.31 % correct answers for phish). A proof of concept implementation is available as a Thunderbird Add-On.
Type de document :
Communication dans un congrès
Jaap-Henk Hoepman; Stefan Katzenbeisser. 31st IFIP International Information Security and Privacy Conference (SEC), May 2016, Ghent, Belgium. IFIP Advances in Information and Communication Technology, AICT-471, pp.161-175, 2016, ICT Systems Security and Privacy Protection. 〈10.1007/978-3-319-33630-5_12〉
Liste complète des métadonnées

Littérature citée [41 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01369551
Contributeur : Hal Ifip <>
Soumis le : mercredi 21 septembre 2016 - 10:55:37
Dernière modification le : mercredi 21 septembre 2016 - 11:37:47
Document(s) archivé(s) le : jeudi 22 décembre 2016 - 12:42:39

Fichier

 Accès restreint
Fichier visible le : 2019-01-01

Connectez-vous pour demander l'accès au fichier

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Melanie Volkamer, Karen Renaud, Benjamin Reinheimer. TORPEDO: TOoltip-poweRed Phishing Email DetectiOn. Jaap-Henk Hoepman; Stefan Katzenbeisser. 31st IFIP International Information Security and Privacy Conference (SEC), May 2016, Ghent, Belgium. IFIP Advances in Information and Communication Technology, AICT-471, pp.161-175, 2016, ICT Systems Security and Privacy Protection. 〈10.1007/978-3-319-33630-5_12〉. 〈hal-01369551〉

Partager

Métriques

Consultations de la notice

91