Sciweavers

FC
2010
Springer

The Phish-Market Protocol: Securely Sharing Attack Data between Competitors

14 years 4 months ago
The Phish-Market Protocol: Securely Sharing Attack Data between Competitors
A key way in which banks mitigate the effects of phishing is to remove fraudulent websites or suspend abusive domain names. This ‘take-down’ is often subcontracted to specialist companies. Prior work has shown that these take-down companies refuse to share their ‘feeds’ of phishing website URLs with each other, and consequently, many phishing websites are not removed because the company with the take-down contract remains unaware of their existence. The take-down companies are reticent to exchange their feeds with each other, fearing that competitors with less comprehensive feeds might ‘freeride’ off their efforts and stop investing resources to find new websites, as well as use the feeds to poach clients. To help solve this problem, we propose the Phish Market protocol, which enables companies with less comprehensive feeds to learn about websites impersonating their own clients that are held by other firms. The protocol is designed so that the contributing firm is c...
Tal Moran, Tyler Moore
Added 15 Aug 2010
Updated 15 Aug 2010
Type Conference
Year 2010
Where FC
Authors Tal Moran, Tyler Moore
Comments (0)