Effective Defense Schemes for Phishing Attacks on Mobile Computing Platforms

Longfei Wu, Xiaojiang Du, Jie Wu

Research output: Contribution to journalArticlepeer-review

100 Scopus citations

Abstract

Recent years have witnessed the increasing threat of phishing attacks on mobile computing platforms. In fact, mobile phishing is particularly dangerous due to the hardware limitations of mobile devices and the habits of mobile users. In this paper, we did a comprehensive study on the security vulnerabilities caused by mobile phishing attacks, including web page phishing attacks, application phishing attacks, and account registry phishing attacks. Existing schemes designed for web phishing attacks on personal computers (PCs) cannot effectively address the various phishing attacks on mobile devices. Hence, we propose MobiFish, which is a novel automated lightweight antiphishing scheme for mobile platforms. MobiFish verifies the validity of web pages, applications, and persistent accounts by comparing the actual identity to the claimed identity. MobiFish has been implemented on a Nexus 4 smartphone running the Android 4.2 operating system. We experimentally evaluate the performance of MobiFish with 100 phishing URLs and corresponding legitimate URLs, as well as phishing apps. The results show that MobiFish is very effective in detecting phishing attacks on mobile phones.

Original languageEnglish
Article number7222471
Pages (from-to)6678-6691
Number of pages14
JournalIEEE Transactions on Vehicular Technology
Volume65
Issue number8
DOIs
StatePublished - Aug 2016

Keywords

  • Mobile computing
  • phishing attacks
  • security and protection

Fingerprint

Dive into the research topics of 'Effective Defense Schemes for Phishing Attacks on Mobile Computing Platforms'. Together they form a unique fingerprint.

Cite this