• Home

  • Documents

  • Phi.sh/$oCiaL: The Phishing Landscape through Short URLs Sidharth Chhabra *, Anupama Aggarwal †,...
25
Phi.sh/$oCiaL: The Phishing Landscape through Short URLs Sidharth Chhabra * , Anupama Aggarwal , Fabricio Benevenuto , Ponnurangam Kumaraguru * Delhi College of Engineering, IIIT-Delhi, Federal University of Ouro Preto

Phi.sh/$oCiaL: The Phishing Landscape through Short URLs Sidharth Chhabra *, Anupama Aggarwal †, Fabricio Benevenuto ‡, Ponnurangam Kumaraguru † * Delhi

Embed Size (px)

DESCRIPTION

3

Citation preview

Page 1: Phi.sh/$oCiaL: The Phishing Landscape through Short URLs Sidharth Chhabra *, Anupama Aggarwal †, Fabricio Benevenuto ‡, Ponnurangam Kumaraguru † * Delhi

Phi.sh/$oCiaL: The Phishing Landscape

through Short URLsSidharth Chhabra*, Anupama Aggarwal†, Fabricio Benevenuto‡, Ponnurangam Kumaraguru†

*Delhi College of Engineering, †IIIT-Delhi, †Federal University of Ouro Preto

Page 2: Phi.sh/$oCiaL: The Phishing Landscape through Short URLs Sidharth Chhabra *, Anupama Aggarwal †, Fabricio Benevenuto ‡, Ponnurangam Kumaraguru † * Delhi

2

Motivation

Page 3: Phi.sh/$oCiaL: The Phishing Landscape through Short URLs Sidharth Chhabra *, Anupama Aggarwal †, Fabricio Benevenuto ‡, Ponnurangam Kumaraguru † * Delhi

3

Page 4: Phi.sh/$oCiaL: The Phishing Landscape through Short URLs Sidharth Chhabra *, Anupama Aggarwal †, Fabricio Benevenuto ‡, Ponnurangam Kumaraguru † * Delhi

4

Page 5: Phi.sh/$oCiaL: The Phishing Landscape through Short URLs Sidharth Chhabra *, Anupama Aggarwal †, Fabricio Benevenuto ‡, Ponnurangam Kumaraguru † * Delhi

5

Phishing via Short URLs

Page 6: Phi.sh/$oCiaL: The Phishing Landscape through Short URLs Sidharth Chhabra *, Anupama Aggarwal †, Fabricio Benevenuto ‡, Ponnurangam Kumaraguru † * Delhi

6

•Most popular - June 2010 - January 2011 *

•Most abused URL shortener •23.48% of short URL services

http://techblog.avira.com/en/

http://techblog.avira.com/en/
Page 7: Phi.sh/$oCiaL: The Phishing Landscape through Short URLs Sidharth Chhabra *, Anupama Aggarwal †, Fabricio Benevenuto ‡, Ponnurangam Kumaraguru † * Delhi

7

Research Aim

Page 8: Phi.sh/$oCiaL: The Phishing Landscape through Short URLs Sidharth Chhabra *, Anupama Aggarwal †, Fabricio Benevenuto ‡, Ponnurangam Kumaraguru † * Delhi

8

•Analysis of Phishing Tweets containing Bitly

• How is Bitly used by Phishers?• Who is Targeted ?• Which Locations are Affected ?

Page 9: Phi.sh/$oCiaL: The Phishing Landscape through Short URLs Sidharth Chhabra *, Anupama Aggarwal †, Fabricio Benevenuto ‡, Ponnurangam Kumaraguru † * Delhi

9

System Architecture

Page 10: Phi.sh/$oCiaL: The Phishing Landscape through Short URLs Sidharth Chhabra *, Anupama Aggarwal †, Fabricio Benevenuto ‡, Ponnurangam Kumaraguru † * Delhi

10

Referral Analysis

URL

Time

Is a Phish

Is Up

Phishing

URLs

Short

URLs Long URL

Short URL

Created by

Lookup API

Brand Analysis

Temporal Analysis

Geographical Analysis Behavior

al Analysis

Text Analysis

Network Analysis

Data Collection Filtering

Analysis

Page 11: Phi.sh/$oCiaL: The Phishing Landscape through Short URLs Sidharth Chhabra *, Anupama Aggarwal †, Fabricio Benevenuto ‡, Ponnurangam Kumaraguru † * Delhi

11

Vote if Phishing

Yes No Unknown

Online

Yes 11,081 392 1,234

No 1,02,175 5,991 68,731

Unknown 4,863 523 795

1 January - 31 December, 2010

Dataset

Page 12: Phi.sh/$oCiaL: The Phishing Landscape through Short URLs Sidharth Chhabra *, Anupama Aggarwal †, Fabricio Benevenuto ‡, Ponnurangam Kumaraguru † * Delhi

12

Dataset

• 990 public Twitter users who posted phish tweets

• 864 user accounts present at the time of analysis

• 2000 past tweets for each of 516 users

Page 13: Phi.sh/$oCiaL: The Phishing Landscape through Short URLs Sidharth Chhabra *, Anupama Aggarwal †, Fabricio Benevenuto ‡, Ponnurangam Kumaraguru † * Delhi

13

Results

Page 14: Phi.sh/$oCiaL: The Phishing Landscape through Short URLs Sidharth Chhabra *, Anupama Aggarwal †, Fabricio Benevenuto ‡, Ponnurangam Kumaraguru † * Delhi

14

Space gain is fraction of space saved by using bit.lyFor 50% URLs, Space Gain < 37%

Page 15: Phi.sh/$oCiaL: The Phishing Landscape through Short URLs Sidharth Chhabra *, Anupama Aggarwal †, Fabricio Benevenuto ‡, Ponnurangam Kumaraguru † * Delhi

15

Social Network Websites targeted

Page 16: Phi.sh/$oCiaL: The Phishing Landscape through Short URLs Sidharth Chhabra *, Anupama Aggarwal †, Fabricio Benevenuto ‡, Ponnurangam Kumaraguru † * Delhi

16

516Twitterusers

213 inorganic

303 organic

153 compromised

150 legitimate

Phish activity is majorly automated

Page 17: Phi.sh/$oCiaL: The Phishing Landscape through Short URLs Sidharth Chhabra *, Anupama Aggarwal †, Fabricio Benevenuto ‡, Ponnurangam Kumaraguru † * Delhi

17

Sparse Network, High Reciprocity

Page 18: Phi.sh/$oCiaL: The Phishing Landscape through Short URLs Sidharth Chhabra *, Anupama Aggarwal †, Fabricio Benevenuto ‡, Ponnurangam Kumaraguru † * Delhi

18

Country was determined by using the Bit.ly statistics

Brazil is most targeted followed by US and Canada

Page 19: Phi.sh/$oCiaL: The Phishing Landscape through Short URLs Sidharth Chhabra *, Anupama Aggarwal †, Fabricio Benevenuto ‡, Ponnurangam Kumaraguru † * Delhi

19

Limitations

Page 20: Phi.sh/$oCiaL: The Phishing Landscape through Short URLs Sidharth Chhabra *, Anupama Aggarwal †, Fabricio Benevenuto ‡, Ponnurangam Kumaraguru † * Delhi

20

•Reliance on PhishTank

•90% URLs offline when voted

•Small number of active voters

Page 21: Phi.sh/$oCiaL: The Phishing Landscape through Short URLs Sidharth Chhabra *, Anupama Aggarwal †, Fabricio Benevenuto ‡, Ponnurangam Kumaraguru † * Delhi

21

Conclusion

Page 22: Phi.sh/$oCiaL: The Phishing Landscape through Short URLs Sidharth Chhabra *, Anupama Aggarwal †, Fabricio Benevenuto ‡, Ponnurangam Kumaraguru † * Delhi

22

•URLs shorteners used to hide identity

•Change in landscape of phishing - OSNs target

•Phishing activity is automated

•Lack of phishing communities

•Brazil had highest phish URL clickthrough

Page 23: Phi.sh/$oCiaL: The Phishing Landscape through Short URLs Sidharth Chhabra *, Anupama Aggarwal †, Fabricio Benevenuto ‡, Ponnurangam Kumaraguru † * Delhi

23

Future Work

Page 24: Phi.sh/$oCiaL: The Phishing Landscape through Short URLs Sidharth Chhabra *, Anupama Aggarwal †, Fabricio Benevenuto ‡, Ponnurangam Kumaraguru † * Delhi

24

•Analyze the use of URL shorteners like goo.gl, tinyurl etc.

•Develop an algorithm to detect phishing on Twitter

Page 25: Phi.sh/$oCiaL: The Phishing Landscape through Short URLs Sidharth Chhabra *, Anupama Aggarwal †, Fabricio Benevenuto ‡, Ponnurangam Kumaraguru † * Delhi

25

Thank You !http://precog.iiitd.edu.in

http://precog.iiitd.edu.in/

HITKUL, PONNURANGAM KUMARAGURU, arXiv:2109.01936v1 …

HITKUL, PONNURANGAM KUMARAGURU, arXiv:2109.01936v1 …

Documents
Privacy and Security in Online Social Media #spsymposium13 March 2, 2013 Ponnurangam Kumaraguru (“PK”) Assistant Professor Hemant Bharat Ram Faculty Research

Privacy and Security in Online Social Media #spsymposium13 March 2, 2013 Ponnurangam Kumaraguru (“PK”) Assistant Professor Hemant Bharat Ram Faculty Research

Documents
Pollyanna Gonçalves (UFMG, Brazil) Matheus Araújo (UFMG, Brazil) Fabrício Benevenuto (UFMG, Brazil) Meeyoung Cha (KAIST, Korea) Comparing and Combining

Pollyanna Gonçalves (UFMG, Brazil) Matheus Araújo (UFMG, Brazil) Fabrício Benevenuto (UFMG, Brazil) Meeyoung Cha (KAIST, Korea) Comparing and Combining

Documents
How Connected are the ACM SIG Communities? Connected are the ACM SIG Communities? Fabricio Benevenuto Federal University of Minas Gerais, Brazil fabricio@dcc.ufmg.br Alberto H. F

How Connected are the ACM SIG Communities? Connected are the ACM SIG Communities? Fabricio Benevenuto Federal University of Minas Gerais, Brazil [email protected] Alberto H. F

Documents
Trust and Semantic Attacks - CyLab Usable Privacy and Security …cups.cs.cmu.edu/courses/ups-sp06/slides/060223.pdf · 2006. 3. 1. · Trust and Semantic Attacks - II Ponnurangam

Trust and Semantic Attacks - CyLab Usable Privacy and Security …cups.cs.cmu.edu/courses/ups-sp06/slides/060223.pdf · 2006. 3. 1. · Trust and Semantic Attacks - II Ponnurangam

Documents
Phi.sh/$oCiaL: The Phishing Landscape through Short URLs

Phi.sh/$oCiaL: The Phishing Landscape through Short URLs

Technology
Breaking the News: First Impressions Matter on Online News Julio Reis, Fabrício Benevenuto, Pedro Vaz de Melo, Raquel Prates Federal University of Minas

Breaking the News: First Impressions Matter on Online News Julio Reis, Fabrício Benevenuto, Pedro Vaz de Melo, Raquel Prates Federal University of Minas

Documents
Supervised Learning for Fake News Detection · Supervised Learning for Fake News Detection Julio C. S. Reis, Andre Correia, Fabrıcio Murai, Adriano Veloso, and Fabrıcio Benevenuto

Supervised Learning for Fake News Detection · Supervised Learning for Fake News Detection Julio C. S. Reis, Andre Correia, Fabrıcio Murai, Adriano Veloso, and Fabrıcio Benevenuto

Documents
DETECTING SPAMMERS AND CONTENT PROMOTERS IN ONLINE VIDEO SOCIAL NETWORKS Fabrício Benevenuto ∗, Tiago Rodrigues, Virgílio Almeida, Jussara Almeida, and

DETECTING SPAMMERS AND CONTENT PROMOTERS IN ONLINE VIDEO SOCIAL NETWORKS Fabrício Benevenuto ∗, Tiago Rodrigues, Virgílio Almeida, Jussara Almeida, and

Documents
[XLS] members/Life_Member... · Web viewS. HARIHARAN K. PONNURANGAM A. JAYARAMAN MD. FAZALILLAH BAIG S. DEVARAJAN C. HENRY JEBARAJ C.K. SUBRAMANIYAN Er.N.S.Elanthiraiyan AE/Electrical/Co.Mo/NCTPS

[XLS] members/Life_Member... · Web viewS. HARIHARAN K. PONNURANGAM A. JAYARAMAN MD. FAZALILLAH BAIG S. DEVARAJAN C. HENRY JEBARAJ C.K. SUBRAMANIYAN Er.N.S.Elanthiraiyan AE/Electrical/Co.Mo/NCTPS

Documents
Absence of cGAS-mediated type I IFN responses in HIV-1 ...Jul 23, 2020  · in HIV-1–infected T cells Carina Elsner a,b,1 , Aparna Ponnurangam a,1 , Julia Kazmierski a,c,d , Thomas

Absence of cGAS-mediated type I IFN responses in HIV-1 ...Jul 23, 2020  · in HIV-1–infected T cells Carina Elsner a,b,1 , Aparna Ponnurangam a,1 , Julia Kazmierski a,c,d , Thomas

Documents
Mostra cultural gercy benevenuto

Mostra cultural gercy benevenuto

Documents
1 SELECTIVE ACKNOWLEDGEMENT (SACK) RFC 2018 DUPLICATE SELECTIVE ACKNOWLEDGMENT (DSACK) RFC 2883 Rajesh Ponnurangam Computers & Information Sciences University

1 SELECTIVE ACKNOWLEDGEMENT (SACK) RFC 2018 DUPLICATE SELECTIVE ACKNOWLEDGMENT (DSACK) RFC 2883 Rajesh Ponnurangam Computers & Information Sciences University

Documents
Privacy in India: Attitudes and Awareness V 2precog.iiitd.edu.in/research/privacyindia/PI_2012_Complete_Report.pdf · Privacy in India: Attitudes and Awareness V 2.0 Ponnurangam

Privacy in India: Attitudes and Awareness V 2precog.iiitd.edu.in/research/privacyindia/PI_2012_Complete_Report.pdf · Privacy in India: Attitudes and Awareness V 2.0 Ponnurangam

Documents
Protecting People from Phishing: The Design and … People from Phishing: The Design and Evaluation of an Embedded Training Email System Ponnurangam Kumaraguru Yong Woo Rhee Alessandro

Protecting People from Phishing: The Design and … People from Phishing: The Design and Evaluation of an Embedded Training Email System Ponnurangam Kumaraguru Yong Woo Rhee Alessandro

Documents
Phi.sh/$oCiaL: The Phishing Landscape through Short URLs

Phi.sh/$oCiaL: The Phishing Landscape through Short URLs

Documents
CONTENTS...CONTENTS Special Event Annual Lecture Campus News Talk by Ms. Pallavi Iyer Electronica Fair Eminent Personality - Mr. Ponnurangam Kumarguru TEDx Global Day Guest Lecture

CONTENTS...CONTENTS Special Event Annual Lecture Campus News Talk by Ms. Pallavi Iyer Electronica Fair Eminent Personality - Mr. Ponnurangam Kumarguru TEDx Global Day Guest Lecture

Documents
PhishAri: Automatic Realtime Phishing Detection on Twitter · 1 PhishAri: Automatic Realtime Phishing Detection on Twitter Anupama Aggarwaly, Ashwin Rajadesingan , Ponnurangam Kumaraguruy

PhishAri: Automatic Realtime Phishing Detection on Twitter · 1 PhishAri: Automatic Realtime Phishing Detection on Twitter Anupama Aggarwaly, Ashwin Rajadesingan , Ponnurangam Kumaraguruy

Documents
CAMILA BENEVENUTO FERREIRA INTERCÂMBIO E CULTURA

CAMILA BENEVENUTO FERREIRA INTERCÂMBIO E CULTURA

Documents
A Geographical Characterization of YouTube: a Latin American View Fernando Duarte, Fabrício Benevenuto, Virgílio Almeida, Jussara Almeida Federal University

A Geographical Characterization of YouTube: a Latin American View Fernando Duarte, Fabrício Benevenuto, Virgílio Almeida, Jussara Almeida Federal University

Documents
 · Lair Chaves Gomes Laura Moraes de Souza Le'la Porto Viana Leovane das Neves Batalhas Leticia Rodrigues Benevenuto Lidiane Bandeira de Lima Lohruama Batista Riscado Luana Maria

 · Lair Chaves Gomes Laura Moraes de Souza Le'la Porto Viana Leovane das Neves Batalhas Leticia Rodrigues Benevenuto Lidiane Bandeira de Lima Lohruama Batista Riscado Luana Maria

Documents
Myeloid sarcoma of the oral cavity: A case report and ... Types: Case Report Myeloid sarcoma of the oral cavity: A case report and review of 89 cases from the literature Bruno-Augusto-Benevenuto

Myeloid sarcoma of the oral cavity: A case report and ... Types: Case Report Myeloid sarcoma of the oral cavity: A case report and review of 89 cases from the literature Bruno-Augusto-Benevenuto

Documents
@I to @Me: An Anatomy of Username Changing Behavior on Twitter · An Anatomy of Username Changing Behavior on Twitter Paridhi Jain, Ponnurangam Kumaraguru Indraprastha Institute of

@I to @Me: An Anatomy of Username Changing Behavior on Twitter · An Anatomy of Username Changing Behavior on Twitter Paridhi Jain, Ponnurangam Kumaraguru Indraprastha Institute of

Documents
Privacy and Security in Online Social Media Prof. Ponnurangam …precog.iiitd.edu.in/.../2019/transcripts/Week5.3.pdf · 2019. 3. 18. · Week – 5.3 Lecture – 18 Policing and

Privacy and Security in Online Social Media Prof. Ponnurangam …precog.iiitd.edu.in/.../2019/transcripts/Week5.3.pdf · 2019. 3. 18. · Week – 5.3 Lecture – 18 Policing and

Documents
Rajesh Ponnurangam Infosol - Speak BO · 2018. 6. 26. · BI4.0 Information Designer) after running the upgrade management tool you will have to open them in the Information Designer

Rajesh Ponnurangam Infosol - Speak BO · 2018. 6. 26. · BI4.0 Information Designer) after running the upgrade management tool you will have to open them in the Information Designer

Documents
Phi.sh/ oCiaL: The Phishing Landscape through Short URLsprecog.iiitd.edu.in/Publications_files/SC_AA_FB_PK_CEAS2011.pdf · • Online social media brands account for more than 70%

Phi.sh/ oCiaL: The Phishing Landscape through Short URLsprecog.iiitd.edu.in/Publications_files/SC_AA_FB_PK_CEAS2011.pdf · • Online social media brands account for more than 70%

Documents