Overview
Topic status: We're looking for students to study this topic.
Phishing emails attempt to trick the recipient to disclose confidential information, such as credit card numbers and online banking credentials, which may then be use to commit fraudulent acts. The increasing number and sophistication in phishing attacks makes phishing one of the biggest security problems in today's Internet. The aim of this project will investigate techniques to protect against the spoofing of emails, on which most phishing attacks rely.
Phishing attacks are particularly difficult to counteract in general because they exploit both technical and psychological aspects. However the main facilitator of phishing attacks is the inherent lack of authentication in Internet email. While a number of technical solutions have been proposed for authenticating email (e.g. S/MINE, OpenPGP, and DKIM), these have been arguably unsuccessful. This research will firstly identify impediments to existing solutions. We will then focus on mechanisms for authenticating emails at the domain name level, which is most relevant to phishing, with the intention of devising and implementing improvements to existing schemes, specifically DKIM. The research will involve the development of a test bed environment for evaluating existing systems and enhancements to them.
- Study level
- Honours
- Supervisors
- QUT
- Organisational unit
Science and Engineering Faculty
- Research area
- Contact
- Please contact the supervisor.
