AntiPhishing Technology Chokepoints and Countermeasures Aaron Emigh Radix
- Slides: 38
Anti-Phishing Technology Chokepoints and Countermeasures Aaron Emigh Radix Labs [email protected] com
A Typical Phishing Email
Phishing Information Flow
Step 1: Phish Delivery
Authentication
Reducing False Positives
Image Recognition Simple idea: recognize logos
Image Recognition Maybe not so simple…
Image Recognition Fully render, then retrieve sub-images
Patching
Secure Patch Distribution
Secure Patch Activation
Automatic Secure Patch Activation
Step 2: User Action
Education Why Johnny can’t identify phish…
Personally Identifiable Information
Personally Identifiable Information
Unmask Deceptive Links <P>To go to a surprising place via a cloaked URL, click on <A HREF="http: //security. ebay. [email protected] com">this link. </A> <P>To go to a surprising place via a cloaked URL with a password, click on <A HREF="http: //security. ebay. com: [email protected] com">this link. </A> <P>To go to a surprising place via an open redirect, click on <A HREF="http: //redirect. ebaysecurity. com? url=phisher. com">this link. </A> <P>To go to a surprising place via misleading link, click on <A HREF="http: //phisher. com">http: //security. ebay. com. </A>
Unmask Deceptive Links <P>To go to a surprising place via a cloaked URL, click on <A HREF="http: //security. ebay. [email protected] com">this link. </A> <P>To go to a surprising place via a cloaked URL with a password, click on <A HREF="http: //security. ebay. com: [email protected] com">this link. </A> <P>To go to a surprising place via an open redirect, click on <A HREF="http: //redirect. ebaysecurity. com? url=phisher. com">this link. </A> <P>To go to a surprising place via misleading link, click on <A HREF="http: //phisher. com">http: //security. ebay. com. </A>
Interfere With Navigation
Detecting DNS Poisoning
Steps 2 and 4: Information Sharing
It’s the metadata, stupid!
Step 4: Transmitting data
Little Brother is Watching
Steps 4 and 6: Secure Path
Secure Path (That Was Then) Login: aaron Password: ******
Secure Path (This Is Now)
Secure Path (This Is Now)
Step 6: Data Without Value
Two-Factor Authentication
Two-Factor Authentication
Password Hashing
Policy-based data
Aftermath: Ex Post Facto Detection
Aftermath: Information Sharing
Conclusions
Anti-Phishing Technology Chokepoints and Countermeasures Aaron Emigh Radix Labs [email protected] com
Countermeasures for Recent Attack Trends II Countermeasures 2016
CHOKEPOINTS IN SEA TRANSPORTATION Adopted from https worldgeographycylakes
CHOKEPOINTS ICIS THE BAYDELTA CONCEPTUAL MODEL LINKING THEM
PHISHING AND ANTIPHISHING TECHNIQUES Sumanth Sanath and Anil
Mobi Fish A Lightweight AntiPhishing Scheme for Mobile
