Show simple item record

dc.contributor.authorFahim Hashemi, Hana Sadat
dc.contributor.otherQueen's University (Kingston, Ont.). Theses (Queen's University (Kingston, Ont.))en
dc.date2014-08-28 14:54:58.54en
dc.date.accessioned2014-08-29T14:53:49Z
dc.date.available2014-08-29T14:53:49Z
dc.date.issued2014-08-29
dc.identifier.urihttp://hdl.handle.net/1974/12398
dc.descriptionThesis (Master, Computing) -- Queen's University, 2014-08-28 14:54:58.54en
dc.description.abstractPhishing is one of the most prevalent types of modern attacks, costing significant financial losses to enterprises and users each day. Despite the emergence of various anti-phishing tools and techniques, not only there has been a dramatic increase in the number of phishing attacks but also more sophisticated forms of these attacks have come into existence. One of the most complicated and deceptive forms of phishing attacks is the tabnabbing attack. This newly discovered threat takes advantage of the user’s trust and inattention to the open tabs in the browser and changes the appearance of an already open malicious page to the appearance of a trusted website that demands confidential information from the user. As one might imagine, the tabnabbing attack mechanism makes it quite probable for even an attentive user to be lured into revealing his or her confidential information. Few tabnabbing detection and prevention techniques have been proposed thus far. The majority of these techniques block scripts that are susceptible to perform malicious actions or violate the browser security policy. However, most of these techniques cannot effectively prevent the other variant of the tabnabbing attack that is launched without the use of scripts. In this thesis, we propose a hybrid tabnabbing detection approach with the aim of overcoming the shortcomings of the existing anti-tabnabbing approaches and techniques. Our approach combines five heuristic-based metrics with data mining techniques to keep track of the major changes made to the structure of a webpage whenever a tab loses its focus. We develop our approach as a browser extension for Mozilla Firefox and evaluate its effectiveness and performance using a dataset consisting of legitimate and tabnabbing websites. Our evaluation results convey a significant improvement over the existing techniques, indicating that our approach can be utilized as a viable means for protecting users from tabnabbing attacks.en_US
dc.languageenen
dc.language.isoenen_US
dc.relation.ispartofseriesCanadian thesesen
dc.rightsThis publication is made available by the authority of the copyright owner solely for the purpose of private study and research and may not be copied or reproduced except as permitted by the copyright laws without written authority from the copyright owner.en
dc.subjectTabnabbingen_US
dc.subjectAttack Detectionen_US
dc.subjectPhishingen_US
dc.titleA Hybrid Approach to Detect Tabnabbing Attacksen_US
dc.typethesisen_US
dc.description.degreeMasteren
dc.contributor.supervisorZulkernine, Mohammaden
dc.contributor.departmentComputingen


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record