KAIST

Web Wallet: Preventing Phishing Attacks by Revealing User Intentions

Min Wu, Robert C. Miller and Greg Little

Symposium On Usable Privacy and Security (SOUPS 2006)

Lee Hyung Kyu

2008. 10. 28


Page 2: Contents

Introduction

Related Work

Web Wallet

Design Principles

User Interface

Evaluation

Conclusion

Discussion

Page 3: Introduction (1/3)

Phishing: stealing consumers’ personal identity data and financial account credentials [APWG]

Uses both social engineering and technical subterfuge

Growing phishing [APWG, Dec. 2005]

15244 unique phishing attacks

7197 unique phishing sites

121 legitimate brands being hijacked

cf. [APWG, Dec. 2007]

25683 unique phishing attacks

25328 unique phishing sites

144 legitimate brands being hijacked

Page 4: Introduction (2/3)

Problems

Appearance: users tend to decide site identity by appearance

Opaque data to the web browser: the browser cannot tell whether submitted data is sensitive or not

Security indicators: located in a peripheral area of the browser

Page 5: Introduction (3/3)

Problems

Security is rarely a user’s primary goal! Users focus on their current task

Sloppy but common web practices: IP addresses instead of hostnames

Domain names that are totally different from their brand names

Unprotected login pages

Simple warnings do not suggest good alternatives

Page 6: Related Work (1/2)

Dynamic Security Skins [R. Dhamija et al., “The Battle Against Phishing: Dynamic Security Skins”(SOUPS’05)]

Visual difference: uses a randomly generated visual hash

Limitations

Burden on users: they have to notice the visual difference

Page 7: Related Work (2/2)

SpoofGuard [N. Chou et al., “Client-side defense against web-based identity theft”(NDSS’04)]

Heuristics: calculates a spoof index from several features

Warns users when a page has a high probability of being a spoof

Limitations

High false positive rate: many unnecessary warnings, which users end up ignoring

Page 8: Web Wallet: Design Principles (1/2)

Get the User’s Intention

The user interface should bridge the gap between the user’s mental model and the system model (the browser)

Help users transfer their real intention to the browser

Submitting data: data type (sensitive or not?) and data recipient (which site?)

Dedicated interface for sensitive information submission

Check whether the current site is good enough

Page 9: Web Wallet: Design Principles (2/2)

Integrate Security into the Workflow

Disable the sensitive input fields in web forms, making the Web Wallet the only way to input sensitive data

Does not depend on users remembering to use it

Incorporate security questions by helping users achieve their goals instead of stopping them

No generic warning such as “Are you sure?”

Show the user a list of sites and let her choose

Page 10: Web Wallet: User Interface (1/5)

Form annotation: a naïve Bayesian classifier and a hidden Markov model find the login forms on the page

The detected login forms are disabled and a login card is provided instead

Security key: the user presses the F2 key to open the Web Wallet, which keeps browsing the site simple

Becomes habitual
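The form-annotation step modelled in Python, as an added example that is not code from the paper or from the Web Wallet implementation: the page's forms are scanned, forms with credential-like fields are treated as login forms, their sensitive fields are listed for disabling, and a web page request naming the recipient site is built for the sidebar to answer. The paper's naïve Bayesian classifier and hidden Markov model are replaced by a constructed field-name heuristic; the sample page, the domains and the function names are assumptions.

```python
"""Form annotation (added example): find login forms on a page, name the
sensitive fields the wallet will disable, and build the web page request
that the sidebar answers. The classifier is a constructed heuristic."""
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

SENSITIVE_TYPES = {"password"}
# Constructed name hints standing in for the paper's trained classifier.
SENSITIVE_NAME_HINTS = ("pass", "pwd", "pin", "card", "ssn", "account")


class FormScanner(HTMLParser):
    """Collects every <form> and the <input> fields inside it."""

    def __init__(self):
        super().__init__()
        self.forms = []
        self._form = None

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "form":
            self._form = {"action": a.get("action", ""), "fields": []}
            self.forms.append(self._form)
        elif tag == "input" and self._form is not None:
            self._form["fields"].append({
                "name": a.get("name", ""),
                "type": (a.get("type") or "text").lower(),
            })

    def handle_endtag(self, tag):
        if tag == "form":
            self._form = None


def is_sensitive(field):
    """Password inputs, or names hinting at credentials or account data.
    A page that hides a password field behind a plain text input with an
    innocuous name defeats this check (the undetected-form attack)."""
    if field["type"] in SENSITIVE_TYPES:
        return True
    name = field["name"].lower()
    return any(hint in name for hint in SENSITIVE_NAME_HINTS)


def annotate(page_url, html):
    """One record per form: whether it is treated as a login form, which
    field names are to be disabled in the page, and the wallet request
    (recipient site plus requested fields) when there is one."""
    scanner = FormScanner()
    scanner.feed(html)
    records = []
    for form in scanner.forms:
        sensitive = [f["name"] for f in form["fields"] if is_sensitive(f)]
        target = urljoin(page_url, form["action"]) if form["action"] else page_url
        request = None
        if sensitive:
            request = {"site": urlparse(target).hostname, "fields": sensitive}
        records.append({"login_form": bool(sensitive),
                        "disable": sensitive, "request": request})
    return records


# Constructed sample page: a harmless search form and a login form.
SAMPLE_PAGE = """
<form action="/search"><input name="q" type="text"></form>
<form action="https://login.bank.example/auth" method="post">
  <input name="user" type="text">
  <input name="passwd" type="password">
  <input type="submit" value="Sign in">
</form>
"""

if __name__ == "__main__":
    for record in annotate("https://www.bank.example/home", SAMPLE_PAGE):
        print(record)
```

The recipient site is taken from the form's action URL rather than from the page URL, since that is where the data would actually be posted; the two differ whenever a page submits credentials to another host.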

Page 11: Web Wallet: User Interface (2/5)

Browser Sidebar

Card Presentation

Card folder: encrypted with a master password

Stored card: shown if it matches the web page request

Page 12: Web Wallet: User Interface (3/5)

Browser Sidebar

New login card: shown if no stored card matches the web page request

Show Domain Name & Site Description

“Save Card” checkbox

Page 13: Web Wallet: User Interface (4/5)

Confirmation Interface

Shown when the site is untrusted and the user has not logged in there before

Page 14: Web Wallet: User Interface (5/5)

Negative Visual Feedback

Prevents the fake Web Wallet attack: differentiates the web content area from the local browser interface

Page 15: Evaluation (1/4)

Simulated attacks

Normal attack

Undetected-form attack: the login form is not detected (countered by negative visual feedback)

Online-keyboard attack: bypasses the zooming character (countered by the flying icon)

Fake-wallet attack: a wallet displayed by the web site (countered by negative visual feedback)

Fake-suggestion attack: the user chooses the phishing site from the site list

Page 16: Evaluation (2/4)

User study

21 Subjects (14 / 7)

Role as John Smith’s Assistant

Spoof rate: the fraction of simulated attacks that successfully obtain his information

Page 17: Evaluation (3/4)

First Interface

Problems: the site list did not include the current site

Users typed directly into the web form despite warnings

Page 18: Evaluation (4/4)

Modified Interface

Improvements: add the current site to the site list

Always display a login card
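The sidebar's decision logic from the User Interface slides (2/5 to 4/5) together with the two improvements on this slide, in Python, as an added example that is not code from the paper or from the Web Wallet implementation: stored cards are shown when one matches the requesting site, otherwise a new login card with the domain is shown, an untrusted site the user has never logged into triggers the confirmation interface, and the site list offered there always contains the current site. The card folder contents, the domains, the trusted/visited sets and all function names are assumptions; the cards are assumed already decrypted with the master password, and a user who picks the wrong entry from the list (the fake-suggestion attack) is a choice the code cannot prevent.

```python
"""Sidebar decision logic (added example): card presentation, new login card,
and the confirmation interface whose site list always includes the current
site, as in the modified interface. All names and domains are assumptions."""
from dataclasses import dataclass
from urllib.parse import urlparse


@dataclass(frozen=True)
class LoginCard:
    domain: str        # site the card was saved for
    username: str
    description: str   # site description shown next to the domain name


@dataclass
class WalletState:
    cards: list        # card folder, assumed already decrypted with the master password
    trusted: set       # sites considered trusted
    visited: set       # sites the user has logged into through the wallet before


def site_of(url):
    """Domain of the page making the request, lower-cased."""
    host = urlparse(url).hostname
    return host.lower() if host else ""


def site_list(state, domain):
    """Every domain in the card folder plus the current site. The first
    interface left the current site out, so a legitimate first visit had no
    correct choice; the modified interface always includes it."""
    return sorted({c.domain for c in state.cards} | {domain})


def present(state, page_url):
    """What the sidebar shows for a page that requests sensitive data. A login
    card is always displayed: the stored cards for the site if any match the
    request, otherwise a new card with the domain and a 'save card' choice."""
    domain = site_of(page_url)
    stored = [c for c in state.cards if c.domain == domain]
    if stored:
        return {"view": "stored_cards", "domain": domain, "cards": stored,
                "confirm": False, "sites": site_list(state, domain)}
    needs_confirm = domain not in state.trusted and domain not in state.visited
    return {"view": "new_card", "domain": domain, "save_card": False,
            "confirm": needs_confirm, "sites": site_list(state, domain)}


def confirm(state, view, chosen_site):
    """Resolve the confirmation interface. The user picks the site she intends
    to log in to from the list; if it is the current site the card is
    submitted there, otherwise the wallet takes her to the chosen site
    rather than submitting her data to the page she is on."""
    if not view["confirm"]:
        return {"action": "submit", "site": view["domain"]}
    if chosen_site not in view["sites"]:
        raise ValueError("the choice must come from the site list")
    if chosen_site == view["domain"]:
        state.visited.add(chosen_site)
        return {"action": "submit", "site": chosen_site}
    return {"action": "redirect", "site": chosen_site}


def demo_state():
    """Constructed card folder with one saved card."""
    return WalletState(
        cards=[LoginCard("login.bank.example", "jsmith", "Example Bank online banking")],
        trusted=set(), visited={"login.bank.example"})


if __name__ == "__main__":
    state = demo_state()
    print(present(state, "https://login.bank.example/signin"))
    view = present(state, "http://bank-example-signin.test/login")
    print(view)
    print(confirm(state, view, "login.bank.example"))
```

The point of `confirm` is the one the conclusion slide makes: the wallet never asks "are you sure?"; it asks which site the user means, and when the answer differs from the page she is on it acts on that intention instead of on the page's request.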

Page 19: Conclusion

Web Wallet

Provides a dedicated interface for sensitive information

Spoof rate of normal attacks reduced from 63% to 7%

Makes itself an integrated part of the user’s workflow: the warning from the Web Wallet is no longer a weak signal

Encourages the user to choose her intended site using the site list

Page 20: Discussion

Pros.

Improves on existing anti-phishing tools: lower spoof rate

Eliminates unnecessary warnings

Lowers the burden on users

Trial and Error

Cons.

Undetected-form attack & fake-wallet attack: negative visual feedback is ineffective

Image Recognition

Press F2 key

What kind of attacks are there in 7%?

Page 21: Q & A