Achieving a consensual definition of phishing based on a systematic review of the literature

Elmer Lastdrager¹
¹ Services, Cybersecurity and Safety Group, University of Twente, Drienerlolaan 5, Enschede, OV, Netherlands

