29-09-2016, 02:23 PM
1456824649-LITIEEE14547258571003.docx (Size: 70.81 KB / Downloads: 6)
ABSTRACT:
Phishing is an attempt by an individual or a group to thieve personal confidential information such as passwords, credit card information etcfrom unsuspecting victims for identity theft, financial gain and other fraudulent activities.In our paper we have proposed a new approach for phishing websites classification to solve the problem of phishing.
Phishing websites comprise a variety of cues within its content-parts as well as the browser-based security indicators provided along with the website which we call Captcha as graphical passwords (CaRP).CaRP is both a Captcha and a graphical password scheme. The images is
Used to preserve the privacy of image captcha by decomposing the original image captcha into two shares. These shares are stored in separate database servers such that the original image captcha can be revealed only when both should be available simultaneously; the individual images do not reveal the identity of the original image captcha. Once the original image captcha is revealed to the user it can be used as the password for the user.
I. INTRODUCTION:
Online transactions are nowadays become very common and there are various attacks present behind this. In these types of various attacks, phishing is identified as a major security threat and new innovative ideas are arising with this in each second so preventive mechanisms should also be so effective.
Thus the security in these cases be very high and should not be easily tractable with implementation easiness. Nowadays, most applications are secure as their underlying system. Since the design and technology of middleware has improved steadily, their detection is a difficult problem.
As a result, it is impossible to be sure whether a computer that is connected to the internet can be considered secure or not. Phishing scams are also becoming a problem for online banking and e-commerce users. The question is how to handle those applications that require a high level of security.
phishing is a form of online identity theft that aims to steal sensitive information such as online banking passwords and credit card information from users. Phishers attempt for fraudulent activities in order to acquire information like password and other confidential information.
one definition of phishing is given as “it is a criminal activity using social engineering techniques. Phishers attempt to acquire sensitive information, such as passwords and credit card details, by acting as a trustworthy person or business in an electronic communication”. The conduct of identity theft with this acquired sensitive information has also become easier with the use of technology which can be described as “a crime in which the impostor obtains key pieces of information such as Social Security and driver's license numbers and uses them for his or her own gain”. Phishing attacks rely upon a mix of technical deceit and social engineering practices. In the majority of cases the phisher must persuade the victim to intentionally perform actions that will provide phishers to access confidential information.
Communication channels such as email, webpages, IRC and instant messaging services are popular. In all cases the phisher must impersonate a trusted source for the victim to believe. To date, the most successful phishing attacks have been initiated by email – where the phisher impersonates the sending authority such that the phishers may obtain the victims information through this email-spoofing.
So here introduces a new method which can be used as a safe way against phishing which is named as "A novel [1] approach against Anti-phishing using visual cryptography". In this approach website verifies itself that it is a genuine website or not (to use bank transaction, E-commerce and online booking system etc.) and make the system secure as well as an authenticated one.
The concept of image processing and an improved visual cryptography is used. Image processing is a technique of processing an input image and to get the output which is improved form of the same image . Visual Cryptography (VC)[1][7] is a method of encrypting a secret image to shares, such that stacking a sufficient number of shares reveals the secret image.
Visual Secret Sharing(VSS) is a perfect method[3][7] that protects a secret image by dividing it into shadow images. Vss can be easily decrypted by the human visual system without the knowledge of cryptography computations.
Halftone technology[7][6] scheme is an image comprised of discrete dots rather than continuous tones.When the image is viewed from a distance,the dots blur together,creating the illusion of continuous lines and shapes.
II.EXISTING SYSTEM:
In [1] they noted Visual Cryptography(VC) scheme encodes the black and white secret image by using (2,n) threshold VCS into n shares .The reconstructed image will be darker than the background images.Threshold VC is a conventional threshold $k out of $n VCS ($k,$n). One secret image $p can be encoded into $n seemingly random transparencies such that superimposed result of any group of $k,while that of less than $k ones cannot by using integer line programme.
In [2] they focussed on improved VCS for secret hiding. Hiding a colored image into multiple colored cover images. Using this, generated camouflage images contains less noise compared to original chang’s algorithm. Improvement in signal to noise ratio of camouflage image by producing images with similar quality to originals. Lossless recovery and reduces noise in cover images without adding additional complexity. It does not require any additional cryptographic computations. The camouflage images obtained using the modified algorithm look less susceptible of containing a secret image than ones obtained using the original method.
In [3] they used pixel encoding in VC for general access structure. It scans the secret image by zigzag and perceives a pixel block with many pixels as to encode for each run. Pixel block consists of consecutive pixels of same type during the scanning. Good quality for overlapped images and high efficiency for encoding. Suitable and adaptable for chromatic images and general access structure. It only scans the original image instead of temporarily storing the image.
Hence in [4] they also used Halftone technique for color VCS scheme using meaningful shares. VC hides the secret images into two or more images. This image can be recovered by stacking the shares together without any complex computation. This system can be combined with digital watermarking or visual verification system. Shares donot look like random noise.
In [4] they noted color VCS using meaningful shares. Hides secret image into two or more images which are called shares. Secret image can be recovered simply by stacking shares together. These shares will not arouse the attention of hackers. It is perfectly applicable and achieves a high security level.
In [5] they discussed VSS scheme for multiple secrets without pixel expansion. It encrypts a secret image into n share images. The secret image is revealed by printing share image on transparencies and stacking directly. Human can see secret image without any device. It can share two binary secret image on two rectangular share image with no pixel expansion. It has excellent recovery quality for secret images. It does not use codebook to encrypt secret images. Challenge of obtaining no pixel expansion in VSS has not yet resolved.
In [6] they focussed on improving contrast in radom grids based Visual Secret Sharing(VSS) . Random grids based (n,n) scheme, decryption is done with the help of human visual system by stacking the cipher grid. Decryption operation is done using Boolean XOR operation. VC scheme also require the generation of code book prior to share a secret image by using XOR operation. Lossless secret reconstruction.
In [7] they used Halftone technique for the journey of VCS from black to white images to colored. It merges the technology for secret sharing which allow visual information to be encrypted that decryption can be done by Human Visual System. Halftone technique achieves all the desired property. Scheme does not need to be dithering , which would degrade the quality of reconstructed image.
In [8] they used discussed on enhanced colour VSS scheme using modified error diffusion that hides information in images which divide secret images into multiple shares. Secret information can be retrieved by stacking any k number of decrypted shares. Hiding information in images which divide secret images into multiple shares.
In [9] they mentioned Secure two party computation which involves merging together in a suitable way two beautiful ideas of circuit construction and Visual Cryptography(VC). Two party computation in presence of a static semi honest adversary. It plays a key role in secure computation. It do not follow the traditional entropy based characterization and do not play the roles they deserve.
III. PROPOSED SYSTEM:
The concept of image processing and an improved visual cryptography is used. Image processing is a technique of processing an input image and to get the output as either improved form of the same image and/or characteristics of the input image. In Visual Cryptography (VC) an image is decomposed into shares and in order to reveal the original image appropriate number of shares should be combined.
VCS is a cryptographic technique that allows for the encryption of visual information such that decryption can be performed using the human visual system. We can achieve this by one of the following access structure schemes.
(2, 2)- Threshold VCS scheme- This is a simplest threshold scheme that takes a secret message and encrypts it in two different shares that reveal the secret image when they are overlaid.
(n, n) -Threshold VCS scheme-This scheme encrypts the secret image to n shares such that when all n of the shares are combined will the secret image be revealed.
(k, n) Threshold VCS scheme- This scheme encrypts the secret image to n shares such that when any group of at least k shares are overlaid the secret image will be revealed.
In the case of (2, 2) VCS, each pixel P in the original image is encrypted into two sub pixels called shares. It denotes the shares of a white pixel and a black pixel. Note that the choice of shares for a white and black pixel is randomly determined (there are two choices available for each pixel). Neither share provides any clue about the original pixel since different pixels in the secret image will be encrypted using independent random choices. When the two shares are superimposed, the value of the original pixel P can be determined. If P is a black pixel, we get two black sub pixels; if it is a white pixel, we get one black sub pixel and one white sub pixel.
CONCLUSION:
Phishing websites as well as human users can be easily identified using our proposed "Anti-phishing framework based on VisualCryptography". The proposed methodology preserves confidential information of users. verifies whether the website is a genuine/secure website or a phishing website.
If the website is a phishing website (website that is a fake one just similar to secure website but not the secure website), then in that situation, the phishing website can’t display the image captcha for that specific user (who wants to log in into the website) due to the fact that the image captcha is generated by the stacking of two shares, one with the user and the other with the actual database of the website. The proposed methodology is also useful to prevent the attacks of phishing websites on financial web portal, banking portal, online shopping market.
VI.SUGGESTED FUTURE WORK:
The cyber frauds are increasing day by day.The intelligent attackers are creating fake websites same as of the original/genuine websites and hence capture and store user’s confidential information. By using this system it is possible to overcome above situation. The system helps to recognize the system is genuine or not and if it is not then the user’s confidential information will not be revealed to the phishing website. The use of shares as a security key in this system increases the security level. This system can be used in the sectors like banking, finance and online shopping.