Information System Repo 

PhiGARo: Automatic Phishing Detection and Incident Response Framework

česky | in English

Log in

eduID.cz
 
HUSÁK, Martin and Jakub ČEGAN. PhiGARo: Automatic Phishing Detection and Incident Response Framework. In Availability, Reliability and Security (ARES), 2014 Ninth International Conference on. Fribourg, Switzerland: IEEE, 2014. p. 295-302, 8 pp. ISBN 978-1-4799-4223-7.
Other formats:   BibTeX LaTeX RIS
Basic information
Original name PhiGARo: Automatic Phishing Detection and Incident Response Framework
Authors HUSÁK, Martin (203 Czech Republic, guarantor, belonging to the institution) and Jakub ČEGAN (203 Czech Republic, belonging to the institution).
Edition Fribourg, Switzerland, Availability, Reliability and Security (ARES), 2014 Ninth International Conference on, p. 295-302, 8 pp. 2014.
Publisher IEEE
Other information
Original language English
Type of outcome Proceedings paper
Field of Study Informatics
Country of publisher United States of America
Confidentiality degree is not subject to a state or trade secret
Publication form storage medium (CD, DVD, flash disk)
WWW URL
RIV identification code RIV/00216224:14610/14:00076370
Organization Ústav výpočetní techniky - Repository
ISBN 978-1-4799-4223-7
UT WoS 000360967100038
Keywords (in Czech) phishing; PhiGARo; honeypot; CSIRT; IPFIX
Keywords in English phishing; PhiGARo; honeypot; CSIRT; IPFIX
Changed by Changed by: RNDr. Daniel Jakubík, učo 139797. Changed: 18. 2. 2016 00:50.
Abstract
We present a comprehensive framework for automatic phishing incident processing and work in progress concerning automatic phishing detection and reporting. Our work is based upon the automatic phishing incident processing tool PhiGARo which locates users responding to phishing attack attempts and prevents access to phishing sites from the protected network. Although PhiGARo processes the phishing incidents automatically, it depends on reports of phishing incidents from users. We propose a framework which introduces honey pots into the process in order to eliminate the reliance on user input. The honey pots are used to capture e-mails, automatically detect messages containing phishing and immediately transfer them to PhiGARo. There is a need to propagate e-mail addresses of a honey pot to attract phishers. We discuss approaches to the honey pot e-mail propagation and propose a further enhancement to using honey pots in response to phishing incidents. We propose providing phishers with false credentials, accounts and documents that will grant them access to other honey pot services. Tracing these honey tokens may lead us to the originators of the phishing attacks and help investigations into phishing incidents.
Type Name Uploaded/Created by Uploaded/Created Rights
16739 /2 Jakubík, D. 12. 9. 2014

Properties

Name
16739
Application
refresh
Address within IS
https://repozitar.cz/auth/repo/16739/
Address for the users outside IS
https://repozitar.cz/repo/16739/
Address within Manager
https://repozitar.cz/auth/repo/16739/?info
Address within Manager for the users outside IS
https://repozitar.cz/repo/16739/?info
Uploaded/Created
Fri 12. 9. 2014 00:50

Rights

Right to read:
  • anyone on the Internet
Right to upload:
 
Right to administer:
  • a concrete person RNDr. Daniel Jakubík, uco 139797
Attributes
 
phigaro_paper.pdf   File version 12. 9. 2014

Properties

Name
phigaro_paper.pdf
Address within IS
https://repozitar.cz/auth/repo/16739/172087/
Address for the users outside IS
https://repozitar.cz/repo/16739/172087/
Address within Manager
https://repozitar.cz/auth/repo/16739/172087/?info
Address within Manager for the users outside IS
https://repozitar.cz/repo/16739/172087/?info
Uploaded/Created
Fri 12. 9. 2014 00:50

Rights

Right to read:
  • anyone on the Internet
Right to upload:
 
Right to administer:
  • a concrete person RNDr. Daniel Jakubík, uco 139797
  • a concrete person Mgr. Ľuboš Lunter, uco 143320
Attributes
 
phigaro-slides.pdf   File version 12. 9. 2014

Properties

Name
phigaro-slides.pdf
Address within IS
https://repozitar.cz/auth/repo/16739/172086/
Address for the users outside IS
https://repozitar.cz/repo/16739/172086/
Address within Manager
https://repozitar.cz/auth/repo/16739/172086/?info
Address within Manager for the users outside IS
https://repozitar.cz/repo/16739/172086/?info
Uploaded/Created
Fri 12. 9. 2014 00:50

Rights

Right to read:
  • anyone on the Internet
Right to upload:
 
Right to administer:
  • a concrete person RNDr. Daniel Jakubík, uco 139797
  • a concrete person Mgr. Ľuboš Lunter, uco 143320
Attributes
 
Print
Add to clipboard Displayed: 18. 4. 2019 18:44

Other references 

Other projects

Repozitar.cz is administered by a team of Information System of Masaryk University developers.


Go to top | Current date and time: 18/4/2019 18:44, Week 16 (even)

Contact: repozitar(zavináč/atsign)fi(tečka/dot)muni(tečka/dot)cz