MA work completed: Holistic Approach to detect Phishing Websites

Author: Marco Madritsch

Supervisor: Peter Schartner (AINF/syssec)

In cooperation with: Marcus Hassler (econob)

A phishing attack attempts to encourage the victim to reveal sensitive information by the use of fake massages and manipulated websites. This thesis deals with the conception and prototypical development of a holistic approach in order to detect phishing websites. The architecture consists of a client-side browser extension for Mozilla Firefox and a server-side RESTful web service (see Figure 1). The implemented analysis process comprises a total of six superordinate analysis steps and evaluates a website on the one hand on the basis of certain heuristics and on the other hand on the basis of a classifier and the individual surfing behavior pattern of the respective user. The results of the prototype evaluation showed an accuracy of 84.17%, with a sensitivity of 78.13% and a specificity of 90.22%.

Figure 1: Architecture of the Anti-Phishing Concept

Search for a Student Assistant !!!

We are looking for a Student Assistant

(computer science or information management) in the AAU’s data protection project.

Employment rate 8h/week (from now until September 2018).

Tasks: Insertion of data in the register of processing activities.

Expected knowledge: German

There is a lot to do, but there is more to learn!

Contact: Peter Schartner

In Search of a Student Assistant (8h/week)!

The Institute of Applied Computer Science is looking for a student assistant for 8h/week (starting on 1.March 2018).

The goal is the re-engineering of the algorithm visualization tool go2algo (current version at https://syssec.at/download/go2algo_5.2_BETA. jar) and a modularization in which individual algorithms can be quickly added or removed.

The range of functions should grow with the progress of the lecture.

The topic can also be adapted towards software practice/Bachelor thesis (aprox. 400€ per month).

Expected knowledge: German, SWE, Java and A&D

If you are interested, please contact peter [dot] schartner [at] aau [dot] at .

Project Semester at CERBERUS

Master students at the Institute for Applied Computer Science (AINF) have the opportunity to do their project semester as part of a national or international research project.

Thomas Grafenauer is currently working within his project semester on CERBERUS, a FFG/KIRAS project dealing with the protection of critical infrastructure (KIs).

Based on the information on critical infrastructure objects collected by the public agencies, the security relevant data is structurally prepared and imported in a developed data model in the course of the CERBERUS project. This enables to logically represent the interdependencies and cascading effects in an interdependency model. This interdependency model can be used to identify, evaluate and simulate possible cascade effects. The simulation is done in “Omnet++”, an event simulation tool. With the help of the simulation, the effects of the cascade effect are made visible, enabling targeted preventive measures to be taken at the most critical points of the network.