Advanced SearchSearch Tips
Countermeasures Against Phishing/Pharming via Portal Site for General Users
facebook(new window)  Pirnt(new window) E-mail(new window) Excel Download
 Title & Authors
Countermeasures Against Phishing/Pharming via Portal Site for General Users
Kim, Soyoung; Kang, Ji-yoon; Kim, Yoonjeong;
  PDF(new window)
The number of phishing/pharming attacks occurring has increased and consequently, the number of studies on anti-phishing/pharming has also increased. The target sites of phishing/pharming are financial sites, and these have a low connection rate compared to those of portal sites. In this paper, we propose an anti-phishing/pharming method that uses a portal site as a stopover. The proposed method is based on the reliability of portal sites. This method is intended for general users rather than for professional users or developers. We also analyze the safety of the proposed method by separating the method into sub components of module safety assumption.
phishing;pharming;anti-phishing;portal site;authentication;
 Cited by
쿠키 기반의 TLS/SSL 인증서 공개키의 확인,박준철;

한국통신학회논문지, 2016. vol.41. 1, pp.101-103 crossref(new window)
Korean National Police Agency, Phishing (2015), Retrieved June 2015, from

Korean National Police Agency, Pharming (2015), Retrieved June 2015, from

J.-Y. Kang, J. Yoon, and Y. Kim, "Phishing/ pharming examples and countermeasure analysis," in Proc. KIISE KCC, pp. 738-740, Yeosu, Korea, Jun. 2013.

S. Kim, J. Kang, and Y. Kim, "Security analysis of phishing countermeasures," in Proc. KIISE Winter Conf., pp. 756-758, Pyongchang, Korea, Dec. 2014.

J. S. Shin, "Study on anti-phishing solutions, related researches and future directions," J. The Korea Inst. Inf. Security & Cryptology, vol. 23, no. 6, pp. 1037-1047, Dec. 2013. crossref(new window)

J. H. Sa and S. Lee, "Real-time phishing site detection method," J. The Korea Inst. Inf. Security & Cryptology, vol. 22, no. 4, pp. 819-825, Aug. 2012.

M. Lee, H. Lee, and H. Yoon, "An anti-phishing approach based on search engine," in Proc. KIISE KCC, vol. 37, no. 1(D), pp. 121-124, Jeju, Korea, Jun. 2010.

D. Min, T. Shon, and J. Moon, "A study on the phishing attack protection using URL spoofing," J. The Korea Inst. Inf. Security & Cryptology, vol. 15, no. 5, pp. 35-45, Oct. 2005.

J. H. Kim, Y. J. Maeng, D. H. Nyang, and K. H. Lee, "Cognitive approach to anti-phishing and anti-pharming," J. The Korea Inst. Inf. Security & Cryptology, vol. 19, no. 1, pp. 113-124, Feb. 2009.

B. Parno, C. Kuo, and A. Perrig, "Phoolproof phishing prevention," Financial Cryptography and Data Security, LNCS, vol. 4107, pp. 1-19, 2006.

M. Mannan and P. C. van Oorschot, "Using a personal device to strengthen password authentication from an untrusted computer," Financial Cryptography and Data Security, LNCS, vol. 4886, pp. 88-103, 2007.

H. Sun, Y. Chen, and Y. Lin. "oPass: A user authentication protocol resistant to password stealing and password reuse attacks," IEEE Trans. Inf. Forensics and Security, vol. 7, no. 2, pp. 651-663, Apr. 2012. crossref(new window)

T.-H. Kim, J.-H. Lee, and D.-H. Lee, "Study on mobile OTP(One Time Password) mechanism based PKI for preventing phishing attacks and improving availability," J. The Korea Inst. of Inf. Security & Cryptology, vol. 21, no. 1, pp. 15-26, Feb. 2011.

G. Varshney, R. C. Joshi, and A. Sardana, "Personal secret information based authentication towards preventing phishing attacks," Advances in Intell. Syst. and Comput., vol. 176, pp. 31-42, 2012. crossref(new window)

R. Dhamija and J. D. Tygar, "The battle against phishing: Dynamic security skins," Symp. Usable Privacy and Security (SOUPS), pp. 77-88, Pittsburgh, PA, USA, Jul. 2005.

J. Lee, H. You, C. Cho, and M. Jun, "A design secure QR-Login user authentication protocol and assurance methods for the safety of critical data using smart device," J. KICS, vol. 37C, no. 10, pp. 949-964, Oct. 2012. crossref(new window)

S. Seo, C. Choi, G. Lee, and H. Choi, "QR code based mobile dual transmission OTP system," J. KICS, vol. 38B, no. 5, pp. 377-384, May 2013. crossref(new window)

J.-Y. Park, J. Kim, M. Shin, and N. Kang, "QR-code based mutual authentication system for web service," J. KICS, vol. 39B, no. 4, pp. 207-215, Apr. 2014. crossref(new window)