University of Wollongong
Browse

SEFAP: An Email System for Anti-Phishing

Download (217.87 kB)
conference contribution
posted on 2024-11-14, 11:05 authored by Qoing Ren, Yi Mu, Willy SusiloWilly Susilo
More and more users are suffering from email-based phishing attacks over the past years. Despite the use of various technologies for anti-phishing, phishing is still one of most serious attacks against Internet users. Email phishing attacks fabricate the email’s origin. Unfortunately, current email server systems can not authenticate the genuineness of in-coming emails. In this paper, we present a novel antiphishing mechanism: Signed Email for Anti-Phishing (SEFAP), designed to automatically identify an email’s origin to mitigate email phishing attacks. The SEFAP system is an extendable secure cryptographic system that accommodates multiple signature schemes. SEFAP can adopt any signature scheme which has two properties: Identity-based and repudiability. Identity-based property removes the unrealistic full PKI infrastructure deployment requirement and the repudiability property protects sender’s privacy. We describe how to integrate the SEFAP system into a standard SMTP server. We also proposed an efficient implementation based on a novel ID-based ring signature scheme.

History

Citation

This conference paper was originally published as Qoing Ren, Yi Mu, Susilo, W., SEFAP: An Email System for Anti-Phishing, 6th IEEE/ACIS International Conference on Computer and Information Science ICIS 2007, 11-13 Jul, 782-787.

Parent title

Proceedings - 6th IEEE/ACIS International Conference on Computer and Information Science, ICIS 2007; 1st IEEE/ACIS International Workshop on e-Activity, IWEA 2007

Pagination

782-787

Language

English

RIS ID

22550

Usage metrics

    Categories

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC