An analysis of reported phishing domains
Linköping University, Department of Computer and Information Science.
2019 (English). Independent thesis, Basic level (degree of Bachelor), 10,5 credits / 16 HE credits. Student thesis.
Alternative title: En analys av rapporterade phishingdomäner (Swedish)
Abstract [en]

As we become more digitalized and rely more heavily on the internet, it becomes more important to protect ourselves against phishing attacks and other types of internet fraud. Users who fall for phishing attacks risk having sensitive information stolen, such as their bank accounts. In this thesis we describe and analyze domains that use Hypertext Transfer Protocol Secure (HTTPS), an extension to the Hypertext Transfer Protocol (HTTP) used for secure communication, and the impact that these domains have on phishing. We have analyzed and performed experiments that quantify how many of the phishing domains reported to PhishTank are HTTP and HTTPS, and why phishing sites can use HTTPS and still fail to be safe. We have created a script in Java that takes a set of URLs and creates a dataset containing the domains and all certificates that have been issued to these domains, making it a useful tool to analyze phishing domains. Furthermore, we present analyses and results describing how hashing algorithms are used in different certificates and their impact in securing the web. Through analyses and experiments we gained an understanding of how easy it is to create a certificate and claim to be behind a website. Phishing domains being able to use HTTPS is a good example of this, and our results have shown that many imposter websites use HTTPS. Thankfully, there are tools in place to secure the web and avoid phishing, such as browsers having a set of Certificate Authorities (CAs) that they trust, meaning that any HTTPS site that does not have a certificate from one of these CAs will be flagged as not secure. Another countermeasure is increasing people's knowledge about how to handle websites that seem to be secure and have the necessary parameters, such as HTTPS, but nevertheless are phishing sites.

Place, publisher, year, edition, pages
2019, p. 41
National Category
Computer Engineering
Identifiers
URN: urn:nbn:se:liu:diva-162448
ISRN: LIU-IDA/LITH-EX-G--19/060—SE
OAI: oai:DiVA.org:liu-162448
DiVA, id: diva2:1375141
Subject / course
Information Technology
Available from: 2019-12-10. Created: 2019-12-04. Last updated: 2019-12-10. Bibliographically approved.

Open Access in DiVA

fulltext (3162 kB), 13 downloads
File information
File name: FULLTEXT01.pdf
File size: 3162 kB
Checksum SHA-512:
66eedcbd77fd4c2ffb183f3d98b91c2bf6ecad45b34ac28c6045565734c38542e5c835c6d55bcc595ca826032dc40d6ee863d26dc67b6c75db7e40972a1be0b0
Type: fulltext
Mimetype: application/pdf

Author/editor: Hellberg, Tim; Keyvanpour, Daniel
Organisation: Department of Computer and Information Science

Total: 13 downloads
The number of downloads is the sum of all downloads of full texts. It may include, e.g., previous versions that are no longer available.

Total: 115 hits