A PROJECT PROPOSAL ON

AN ANTI-PHISHING DETECTION SYSTEM

SUBMITTED BY:

COMPUTER SCIENCE DEPARTMENT.

 SUMMARY.

Phishing is a form of crime in which identity theft is accomplished by the use of deceptive
electronic mail and a fake site on the World Wide Web. Whiles phishing threatens financial
institutions, retail companies and consumers daily, phishers remain successful by researching anti-
phishing countermeasures and adapting their attack methods to the countermeasures, either to
exploit them, or completely circumvent them. This study attempts to identify solutions to phishing.
It consists of an experiment on browsers inbuilt phishing detection system using walk through
inspection and batch scripting codes to analyze problems in them, meta-analysis of phishing
anomalies on various research works, experimental quiz on users for phishing detection by
developing web application, development of model for phishing prevention and verification of the
proposed model on an extension made to use in Google Chrome. The experiment using 96 samples
of phishing websites from phishtank.com in 5 most used browsers (Internet Explorer, Google
Chrome, Mozilla Firefox, Safari and Opera). The results show that they can detect 85% of the
phish websites with their inbuilt anti-phishing system on average. Browsers don't provide the
solutions after detecting the phishing websites which is the main problem in the existing anti-
phishing system in the browsers.

The data gathered through questionnaire showed users find most difficult to detect
misspelled/derived names in URL, URLs using http in place of https and URLs using multiple Top
Level Domains (TLD). An anti-phishing solution model constituting of white list and heuristic
approach has been developed where fore mentioned anomalies in the URL are taken into
consideration. An extension plug-in for Google's Chrome browser is developed and tested with
different test cases of problems in anti-phishing system in browsers and the top severe anomalies
in the URL. The proposed model was tested with 96 phishing sites with lack of SSL anomalies, 66
with lengthy URL, 39 with multiple TLDs, etc. from Phish Tank could detect all the phishing
websites where Google Chrome detected 86 of them. The lack of SSL was seen in all the phishing
websites and awareness regarding SSL could definitely prevent users from phishing.

i
 TABLE OF CONTENT

Content Page

Summary i
Table of content ii
Introduction 1

1.1 Background 1
1.2 Problem Statement 3
1.3 Research Questions 4
1.4 General Objective 4
1.5 Specific Objectives 4
1.6 Methodology 5
1.7 Research Tools 5
1.8 Significance of the Research 5

References 7

ii
 INTRODUCTION.

1.1 Background.

In the last quarter of the twentieth century, a technological revolution centered on information has

transformed the way we think, produce, consume, trade, communicate, and even how we make

love (Castells, 2000). As compared to some decades ago, information and communication

technologies (ICT) penetration and adoption is on the increase across Africa (ITU, 2008).

Although rudimentary access to internet and other online facilities in most parts of Sub-Saharan

Africa still depends on the use of public internet access points such as cybercafés, nations like

Nigeria, Cameroon and Ghana now have facilities for mobile internet access through satellite

connections and fiber optic cables. With the enormous advancement in Information and

Communication Technologies, computers and related technologies are now being used in almost

all walks of life. Computers today touch every aspect of society including the financial industry,

manufacturing industry, universities, insurance companies, law enforcement, and governmental

agencies. There are numerous benefits of these technologies in every sector. Along with the

benefits, there are several issues, complications and crimes created associated with these

technologies.

Wide popularity in the usage of Information and Communication Technologies (ICT) has enabled

criminals to use them in illegitimate ways (Sen & S, 2001). It is imminent that technologies

including the Internet open doors to numerous opportunities for enterprises, it has also a dark side,

which involves not only hacking and cracking, fraud and theft, pervasive pornography, pedophile

rings etc. but also includes extortion, money laundering, pirating, corporate espionage, drug

trafficking and criminal organizations.

1
Cybercrime is rapidly rooting even in the developing country like Ghana. Figure 1 below shows

the annual distribution of cybercrime in Ghana.

Figure 1. The Annual distribution of Cybercrime (2006-2011) in Ghana

Source: Statistics & Information Technology Unit (SITU), CID Headquarters, Accra.

The annual distribution of cybercrime (2006-2011) are depicted in Figure 1. The modal years for

internet fraud were 2007 and 2011. This could be attributed to the fact that Ghana Police Service

step up public education about the menace and that may have motivated victims to report the crime

or police vigilance led to the arrest of many suspects. However, police recorded lowest cases in

2006 and 2010. It could also mean that people were not reporting cybercrime cases to avoid the

frustrations of inconclusive police investigations.

Technical-human resource in the law enforcing agencies has to be developed to embark upon

accelerating computer crimes in Ghana. Rationally, as most of the processes in organizations are

automated through computers, the crime associated with it will also scale. There has to be

systematized monitoring of with crimes borne from the social networking sites, ATM frauds, etc.

2
The development of Computer Crime Prevention Model (CCPM) is imperative. This research

particularly deals with the prevention model for a category of computer crime called phishing.

Phishing consists of various on hand tools and techniques which will be extensively studied

through literatures and case studies. The research also analyzes problems of the existing system

and proposes a validated Anti-Phishing Model.

1.2 Problem Statement.

Phishing threatens financial institutions, retail companies, and consumers' cyber activities daily.

Phishers remain successful by researching anti-phishing countermeasures and adapting their attack

methods to exploit the fore mentioned organizations and completely circumvent them. As people

increasingly rely on Internet to do business, Internet fraud becomes apparent threat to people’s

Internet life. Internet fraud uses misleading messages online to deceive human users into forming

a wrong belief and then to force them to take dangerous actions to compromise their or other

people’s welfare.

In addition, financial institutions are flourishing in Ghana. The banking and business scenarios in

Ghana are gradually changing with the enormous application of ICT in their businesses. These

institutions are using ICT technologies in different forms and serving their customers. More people

are adopting internet and mobile to perform their transactions in these institutions. On the other

hand, these technologies are susceptible to the phishers. However, these changing scenarios have

also attracted many cybercriminals.

Some incidents and phish scams are already seen in the police record. The prevention of phishing

is very important and localization of the solution will provide better assurance to the Ghanaian

3
people. There are several anti-phishing solutions available and as a matter of fact, all the popular

web browsers come with inbuilt anti-phishing solutions. There is no complete measure to stop or

prevent Internet users falling prey to phishing attacks (Dhamija, Tygar, & Hearst, 2006). Every

year Internet users lose hundreds of millions of dollars to phishing attacks (APWG, 2013). In case

of Ghana, where computer literacy is very low, making the internet users to install anti phishing

solution can be cumbersome due to limited knowledge and utility of these tools. Therefore, such

internet users should be facilitated with the effective inbuilt anti-phishing solutions in browsers.

1.3 Research Questions.

For satisfying the objective of the study, the following research questions are prepared.

1) What are the problems in anti-phishing web browsers’ system?

2) How can technology intervene to increase user awareness so that users are not misled by

phishing sites?

1.4 General Objective.

The general objective of the study is;

1) To propose a phishing detection model, that increases user awareness.

1.5 Specific Objectives.

The specific objectives of this research are;

4
 1) To study about phishing detection in web browsers.

2) To identify URL anomalies that are likely to confuse users in phishing websites.

3) To ensure a higher level of protection against phishing through user awareness

1.6 Methodology.

The methodologies to be employed are;

1. Primary Data.

2. Secondary Data.

3. Questionnaire.

1.7 Research Tools.

Below are the research tools to be used;

1. PHP programming language.

2. JSON programming language.

3. JAVA programming language.

4. Eclipse IDE.

5. Notepad + +.

1.8 Significance of The Research.

The significance of this research is;

 To aware internet user about phishing.

5
 To improves the phishing detection.

 To protect internet users from falling to phishing attacks and save money as well as

resources.

6
REFERENCES.
APWG. (2013). About APWG. Retrieved 09 01, 2013, from http://www.antiphishing.org/about-

APWG/

Castells, M. (2000). The Rise of the Network Society, The Information Age: Economy, Society

and Culture, Vol. I. Oxford: Blackwell Publishing Ltd.

Dhamija, R., Tygar, J. D., & Hearst, M. (2006). Why Phishing Works. ACM 1-59593-178-

3/06/0004.

Internet World Stats, (2000). Ghana Internet Usage Stats and Market Reports. Retrieved December

30, 2000, from http://www.internetworldstats.com/af/gh.htm#top

Internet World Stats, (2017). Internet Users in Africa June 2017. Retrieved June 30, 2017, from

http://www.internetworldstats.com/stats1.htm

International Telecommunications Union (ITU) (2008), Africa, ICT Indicators 2007, ITU World

Telecommunication/ICT Indicators Database, Geneva. Retrieved January 13, 2009, from

http://www.itu.int/ITU-D/ict/statistics/at_glance/af_ictindicators_2007.html

Sen, O. N., & S, B. (2001). Criminal Justice Responses to Emerging Computer Crime Problems.

Texas: University of North Texas.