The PhishBouncer Experience

Abstract

This extended abstract summarizes the technical results developed under the PhishBouncer project (October 2005 to May 2007), where the authors collaborated with researchers from Symantec Research Lab (SRL). The goal of this project was to develop middleware-based technology to defend unsuspecting users against Phishing attacks. More specifically, the project explored mechanisms to intercept and inspect HTTP and HTTPS traffic to detect and block interaction with Phish sites, and mechanisms for quickly disseminating the Phishing URL. A part of the work started in this project has continued at SRL under separate funding, that aspect of the work is kept out scope of this paper. The project started out by conceiving a total anti-Phishing solution package, but made technical advances in a number of its separate aspects, such as smart proxy insertion and rapid update dissemination, which transcend the specific problem space.